| title | description | services | documentationcenter | author | manager | editor | ms.assetid | ms.service | ms.devlang | ms.topic | ms.tgt_pltfrm | ms.workload | ms.component | ms.date | ms.author | ms.reviewer |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Azure Active Directory report retention policies | Microsoft Docs |
Retention policies on report data in your Azure Active Directory |
active-directory |
priyamohanram |
mtillman |
183e53b0-0647-42e7-8abe-3e9ff424de12 |
active-directory |
reference |
identity |
report-monitor |
11/13/2018 |
priyamo |
dhanyahk |
In this article, you learn about the data retention policies for the different activity reports in Azure Active Directory.
| Azure AD Edition | Collection Start |
|---|---|
| Azure AD Premium P1 Azure AD Premium P2 |
When you sign up for a subscription |
| Azure AD Free Azure AD Basic |
The first time you open the Azure Active Directory blade or use the reporting APIs |
- Immediately - If you have already been working with reports in the Azure portal.
- Within 2 hours - If you haven’t turned on reporting in the Azure portal.
For security signals, the collection process starts when you opt-in to use the Identity Protection Center.
Activity reports
| Report | Azure AD Free | Azure AD Premium P1 | Azure AD Premium P2 |
|---|---|---|---|
| Directory Audit | 7 days | 30 days | 30 days |
| Sign-in Activity | N/A | 30 days | 30 days |
| Azure MFA Usage | 30 days | 30 days | 30 days |
Security signals
| Report | Azure AD Free | Azure AD Premium P1 | Azure AD Premium P2 |
|---|---|---|---|
| Users at risk | 7 days | 30 days | 90 days |
| Risky sign-ins | 7 days | 30 days | 90 days |