Cli-microsoft365: New command: aad user signin list

Created on 25 Oct 2020 · 7Comments · Source: pnp/cli-microsoft365

Usage

aad user signin list [options]

Description

Retrieve the Azure AD user sign-ins for your tenant. Sign-ins that are interactive in nature (where a username/password is passed as part of auth token) and successful federated sign-ins are currently included in the sign-in logs.

Options

| Option | Description |
| ----------------------- | ----------------------------------------- |
| --user <user> | Filters the userId, userPrincipalName or DisplayName of a user |
| --app <app> | Filters the appId and appname |
| --isRisky <isRisky> | true|false filters risky or not risky requests |
| --before <before> | returns the values before a specific date |
| --after<after> | returns the values after a specific date |
| --filter <filter> | The filter parameters supported by the signing command |

Additional Information

https://docs.microsoft.com/en-us/graph/api/signin-list?view=graph-rest-1.0&tabs=http

help wanted new feature

Source

plamber

All 7 comments

First of all I would like to understand together with you where we could place this command. It returns signin activities of a user. Therefore, it could be associated to some user command.

There are a lot of filter criterias available for this command. It will be quite difficult to provide all the options in a simple way. I think we should focus on few that might make sense. For example, we could combine userDisplayName, userId, and userPrincipalName in one parameter. Based on which values are passed already provide the necessary filters. I would do the same for appId, appDisplayName.

I find the createdDateTime interesting. We might consider having some commands that allow us to pass a daterange. Do we have examples that already do this?

I would also take out the isRisky parameter and provide a top parameter to limit the results.

If somebody wants to use something else, they can use the filter parameter and build their own query.

plamber on 25 Oct 2020

First of all I would like to understand together with you where we could place this command. It returns signin activities of a user. Therefore, it could be associated to some user command.

To me, it seems like a perfect match for the aad namespace

There are a lot of filter criterias available for this command. It will be quite difficult to provide all the options in a simple way.

How about we start with UPN and userId and take it from there?

I find the createdDateTime interesting. We might consider having some commands that allow us to pass a daterange. Do we have examples that already do this?

Good idea! I don't think we have an example of that other than the range-based reports you've built.

I would also take out the isRisky parameter and provide a top parameter to limit the results.

Love it!

If somebody wants to use something else, they can use the filter parameter and build their own query.

This is definitely good approach for the start. We can always extend it in the future if we notice specific usecases.

waldekmastykarz on 25 Oct 2020

👍1

Updated the command name to singular to match our naming convention

waldekmastykarz on 25 Oct 2020

@waldekmastykarz: what about this definition?

plamber on 26 Oct 2020

👍1

Let's do it!

waldekmastykarz on 27 Oct 2020

I can take it up if nobody else does

plamber on 27 Oct 2020

You've got 4 commands in progress already. Shall we get them done first and see if someone else wants to pick this one? 🙂

waldekmastykarz on 27 Oct 2020

Was this page helpful?

0 / 5 - 0 ratings

Related issues

Extend 'spo page add' with support for promoting as template

waldekmastykarz · 3Comments

Enhance Yammer message list command

plamber · 3Comments

No command to Allow/Prevent custom script on a site

vineet2907 · 3Comments

Correct all command examples and include a double quote when dealing with file outputs

plamber · 3Comments

Enhancement : Extend `teams channel get` to get information using `teamName` and `channelName` as options

rabwill · 3Comments