KBI 312013 Required Permissions To Monitor Microsoft 365 Audit Logs


All Versions of Argent Omega


Monday, 12 September 2022


Argent has the capability to monitor Microsoft 365 Audit Logs for compliance reasons

Technical Background

Argent application (created earlier) will be configured with “AuditLog Read all”, and “Directory Read all” permissions from the Microsoft Graph API


Navigate to https://aad.portal.azure.com

directly or click on “Azure Active Directory” from Microsoft 365 Admin Center

Log in with an account that has permission to edit App Registration

Click on “Azure Active Directory” from the left panel

Select “App Registration” and click on the Argent application to edit i.e. “Argent”

Navigate to “API Permissions”

Click on “Add a permission”

Select “Microsoft Graph”

Click on “Application Permissions”

Scroll down to the AuditLog menu and select the “Read all audit log data” checkbox

Lastly, scroll down to the Directory menu and select the “Read directory data” checkbox

Click on “Add permissions” and an admin has to approve for the changes to take effect

Chances are the logged-on account already has the correct permission to approve

Click on Grant admin consent for your current tenant and select “Yes”