Support Diagnostic Settings for PIM Audit Logs
Azure AD Audit Logs and Sign-in Logs can be forwarded to Log Analytics, Storage Account or Event Hub. It is crucial to have this functionality also for the PIM Audit History. Just using the Azure Portal GUI to export a CSV is not how it should be nowadays.
Keith Templin commented
PCI requirements dictate that you can export all access logs for the last 365 days, I cannot do this efficiently with the current configuration.
Andy Ball commented
Agreed , especially as it seems to require highly privileged access to view PIM audit logs (ie Global Administrator / Privileged Administrator or Owner for Azure Resources - getting this clarified here https://github.com/MicrosoftDocs/azure-docs/issues/46536#issuecomment-576935717)
Liebigt Marc commented