check before: 2025-08-01
Product:
Purview Communication Compliance
Platform:
US Instances, Web, World tenant
Status:
In development
Change type:
Links:
Details:
To improve clarity and transparency, we’re updating the audit data for events related to Microsoft Purview role group membership changes. This update affects audit events under the SecurityComplianceRBAC workload (RecordType 87), specifically for operations for GrantPermission, DeletePermission. While the audit schema remains unchanged, the PreExecutionMessage and PostExecutionMessage fields will be refined to better reflect the nature of the changes captured in the logs. Action Required: If your organization consumes these audit log events programmatically (e.g., via scripts or automation tools), please review and update your parsing logic to accommodate the enhanced message content. Rollout Timeline: This change will be rolled out starting in August. We recommend validating your systems against the updated message format as soon as it becomes available in your environment.
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
General Availability
Created:
2025-05-21
updated:
2025-05-21
Public Preview Start Date
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
summary for non-techies**
Microsoft is enhancing the clarity and detail of logs for role group membership changes in the Microsoft Purview compliance portal, affecting how actions like granting or deleting permissions are recorded, and organizations should update their systems to accommodate these changes starting in August.
Direct effects for Operations**
Audit Log Changes
Changes in the audit log message format may lead to misinterpretation of role group membership changes if parsing logic is not updated, potentially causing compliance issues.
- roles: Compliance Officer, IT Administrator
- references: https://techcommunity.microsoft.com/t5/security-compliance-identity/microsoft-purview-compliance-portal-upcoming-update-to-audit/ba-p/3851230
Automation Failures
If automation tools rely on the old message format, they may fail to process audit logs correctly, leading to gaps in monitoring and reporting.
- roles: DevOps Engineer, IT Administrator
- references: https://techcommunity.microsoft.com/t5/security-compliance-identity/microsoft-purview-compliance-portal-upcoming-update-to-audit/ba-p/3851230
Configutation Options**
XXXXXXX ... paid membership only
Data Protection**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
explanation for non-techies**
XXXXXXX ... free basic plan only
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
Last updated 4 weeks ago
