You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/active-directory/active-directory-reporting-retention.md
+26-28Lines changed: 26 additions & 28 deletions
Original file line number
Diff line number
Diff line change
@@ -13,38 +13,36 @@ ms.devlang: na
13
13
ms.topic: article
14
14
ms.tgt_pltfrm: na
15
15
ms.workload: identity
16
-
ms.date: 03/07/2016
16
+
ms.date: 11/30/2016
17
17
ms.author: dhanyahk
18
18
19
19
---
20
20
# Azure Active Directory report retention policies
21
21
*This documentation is part of the [Azure Active Directory Reporting Guide](active-directory-reporting-guide.md).*
22
22
23
-
Azure Active Directory (Azure AD) reports retain data for a certain number of days, indicated here.
24
-
25
-
| Report | Description |
26
-
| --- | --- |
27
-
| Sign-ins from unknown sources |30 days |
28
-
| Sign-ins after multiple failures |30 days |
29
-
| Sign-ins from multiple geographies |30 days |
30
-
| Sign-ins from IP addresses with suspicious activity |30 days |
31
-
| Sign-ins from possibly infected devices |30 days |
32
-
| Irregular sign-in activity |30 days |
33
-
| Users with anomalous sign-in activity |30 days |
34
-
| Users with leaked credentials |30 days |
35
-
| Audit report |180 days |
36
-
| Password reset activity (Azure AD) |30 days |
37
-
| Password reset activity (Identity Manager) |30 days |
38
-
| Password reset registration activity (Azure AD) |30 days |
39
-
| Password reset registration activity (Identity Manager) |30 days |
40
-
| Self service groups activity (Azure AD) |30 days |
41
-
| Self service groups activity (Identity Manager) |30 days |
42
-
| Application usage |30 days |
43
-
| Account provisioning activity |30 days |
44
-
| Password rollover status |30 days |
45
-
| Account provisioning errors |30 days |
46
-
| RMS usage |30 days |
47
-
| Most active RMS users |30 days |
48
-
| RMS device usage |30 days |
49
-
| RMS enabled application usage |30 days |
23
+
24
+
25
+
This article provides an overview of data retention for the different Activity reports present in Azure Active Directory.
26
+
27
+
For Activity reports, for Premium and Premium 2 customers, we start collecting your activity data as soon as you sign-up for a Premium license. For free customers, we start collecting activity data as soon as you login into the portal or use our reporting APIs for the first time.
28
+
29
+
If you had already seeing reports in the Azure Classic portal, you will see your data immediately in the Azure Portal (new). If you haven’t turned on reporting through the old portal and logging into Azure Active Directory in Azure Portal and want to see these activity reports, it may take up 2 hours for you to see the data. We start collecting the data as soon as you log into the Azure Active Directory blade.
30
+
31
+
For Security signals, we start collecting data as soon as you opt-in to use Identity Protection Center.
32
+
33
+
34
+
35
+
**Activity reports**
36
+
37
+
| Report | Azure AD Free | Azure AD Premium 1 | Azure AD Premium 2 |
38
+
| :-- | :-- | :-- | :-- |
39
+
| Directory Audit | 7 days | 30 days | 30 days |
40
+
| Sign-in Activity | 7 days | 30 days | 30 days |
41
+
42
+
**Security Signals**
43
+
44
+
| Report | Azure AD Free | Azure AD Premium 1 | Azure AD Premium 2 |
0 commit comments