Enable inactive human identity logs on Azure in Cortex Cloud Identity Security - Configuration information for enabling inactive human identity logs on Azure. - Administrator Guide

Enable inactive human identity logs on Azure in Cortex Cloud Identity Security - Configuration information for enabling inactive human identity logs on Azure. - Administrator Guide - Cortex CLOUD

Cortex Cloud Posture Management Documentation

Product

Cortex Cloud Application Security > Cortex CLOUD

License

Cloud Posture Management

Creation date

2025-01-22

Last date published

2026-06-04

Category

Administrator Guide

Abstract

Configuration information for enabling inactive human identity logs on Azure.

To enable inactive human identity logs on the Microsoft Azure platform in Cortex Cloud Identity Security, you must first configure diagnostic settings for the SignInLog log types. These log types provide information regarding how long human identities have been signed in.

To configure the SignInLog log types, do the following:

Open the Azure console.
Navigate to the Diagnostic settings screen.
In the Logs area, under Categories, select the following categories that are related to sign-in logs:
- SigninLogs
- NonInteractiveUserSigninLogs
- ServicePrincipalSigninLogs
- ManagedIdentitySigninLogs
- ADFSSigninLogs
Click Save.

Note

For more information, see Ingest logs from Microsoft Azure Event Hub.