Evaluating report-only Conditional Access impact is very straightforward when Entra ID logs are streamed to Log Analytics. Those who can’t have this feature enabled can still use the AADSignInEvents beta table in Defender to find some extra insights.
All posts tagged Defender
Hunting for report-only (Microsoft-managed) Conditional Access impacts
Posted by Daniel Kovacs on January 17, 2024
https://f12.hu/2024/01/17/hunting-for-report-only-microsoft-managed-conditional-access-impacts/