Intune

Audit Log Properties

Property
Property description
Values

ActivityType

The action that the admin takes.

Create, Delete, Patch, Action, SetReference, RemoveReference, Get, Search

ActorType

Person taking the action.

Unknown = 0, ItPro, IW, System, Partner, Application, GuestUser

Category

The pane where the action took place.

Other = 0, Enrollment = 1, Compliance = 2, DeviceConfiguration = 3, Device = 4, Application = 5, EBookManagement = 6, ConditionalAccess= 7, OnPremiseAccess= 8, Role = 9, SoftwareUpdates =10, DeviceSetupConfiguration = 11, DeviceIntent = 12, DeviceIntentSetting = 13, DeviceSecurity = 14, GroupPolicyAnalytics = 15, AssignmentFilter = 16, RemoteHelp = 17, OrganizationalMessage = 18, EndpointPrivilegeMgmt = 19, DeviceInventory = 20

ActivityResult

Whether the action is successful or not

Success = 1

Permissions Required to Access Logs

LogoAudit changes and events in Microsoft IntuneMicrosoftLearn

Last updated