Forum Discussion
Catch events for group actions
I have a third party software in our enterprise, that keeps track of the states of our microsoft 365 groups. This software should know about the existing groups, their memberships and names etc.
To keep the database up-to-date, I need to know when the following actions appear:
- User is added/removed from a group
- Group name is changed
- Group description is changed
- Group is deleted
Currently a job runs all 3 hours, that is going through the database and checks each group with calling the graph. But this is a bad approach, because if my group amount grows, the running time of the jobs is longer and longer.
It would be a lot better to catch a trigger event in Microsoft 365 if one of the above actions is happening on a group.
Can you give me a hint?
Use the audit log: https://docs.microsoft.com/en-us/microsoft-365/compliance/search-the-audit-log-in-security-and-compliance?view=o365-worldwide
You can fetch events programmatically via PowerShell or the management activities API.
