Practical Graph: Running Audit Log Searches with the AuditLog Query API
After a year or so of using the AuditLog Query Graph API, we have enough experience to be able to explain how to take advantage of the API and when it could be used to run audit searches instead of the Search-UnifiedAuditLog cmdlet. There's lots of PowerShell code in this article to give anyone who wants to experiment with the API a good start to finding audit events.
April 8, 2025