Skip to main content
cancel
Showing results for 
Search instead for 
Did you mean: 

Find everything you need to get certified on Fabric—skills challenges, live sessions, exam prep, role guidance, and more. Get started

Reply
Evogelpohl
Helper V
Helper V

PBI Audit Log - Doesn't Report Success/Fail - Caution

If you've used the (preview at this writing) PowerBI Audit Log in the Security and Compliance Audit Log Office 365 Admin query tool; you'll notice that it does not have a column for: "result" or "exit code" or "success/fail/permission-denied". 

 

A very problematic issue has resulted for me.

 

Example:

Let's say you build a report/dashboard off a SQL Tabular source (connected via gateway of course).  And you apply security using SQL Tabular Roles (at the Tabular level, not the PowerBI level).  Then, you share the report/dashboard to a PowerBI Workspace with several users.   Fine so far...

 

Now, let's say Suzy Smith does NOT have Tabular read-rights.  She can't use the cube from Excel AND she can't view content shared w/ her from PowerBI.  Great.  That's how it should work.  The dashboard would render the (X) "ERROR" message for her on each object - as appropriate.

 

BUT - and here's the caution for enterprises - If someone shares a dashboard/report w/ Suzy Smith and she's clicks it (she'll get the appropriate error on the report) but the audit log will create an entry that reads: "Suzy Smith - ViewDashboard - datetime". 

 

Thus, the audit log notes that Suzy Smith did see the dashboard.  In reality, she didn't.  She got the (X) error on every object on the dashobard.  Suzy Smith did NOT see the company's forecast for next quarter.  But your audit log implies that she did.

 

Your company's auditor ~may~ not like this.

 

 

3 REPLIES 3
GuyInACube
Employee
Employee

Technically speaking, the dashboard did load. In your example individual tiles will get the X because she wouldn't be able to talk to the tabular instance. 

 

What if they had a mix of items on the dashboard. Maybe some items from an imported report/dataset mixed with some tiles from a live SSAS report. The items for the improted dataset would load properly, but the SSAS Live tiles would error. The dashboard was still viewed.

Adam W. Saxton | Microsoft Employee | Business Intelligence
@GuyInACube | youtube.com/guyinacube

@GuyInACube -

Thanks.  And, I agree w/ your logic.  The dashboard or report is an object unto itself - and technically, it was viewed by Suzy in this hypothetical situation.  So, fair to have an audit entry for it.

 

But, you can see the challenge at an enterprise level.

 

I'll add some ideas to the idea link you provided:

 

* Perhaps the audit log should be at the object level, not the container level.

* If the log continues to audit at the dashboard/report level; then perhaps there should be a 'result' (exit) code:  E.g:

- 1 = All objects rendered w/o Error

- 2 = Full/Partial Object-Render Errors on Report or Dashboard

 

 

-Eric.

 

 

 

I understand the confusion and realize that some may see a failure in a visual as a failure to load the dashboard. I don't know that not logging the view dashboard is the right approach though (mainly for my example of a mixed dashboard). 

Adam W. Saxton | Microsoft Employee | Business Intelligence
@GuyInACube | youtube.com/guyinacube

Helpful resources

Announcements
Europe Fabric Conference

Europe’s largest Microsoft Fabric Community Conference

Join the community in Stockholm for expert Microsoft Fabric learning including a very exciting keynote from Arun Ulag, Corporate Vice President, Azure Data.

Power BI Carousel June 2024

Power BI Monthly Update - June 2024

Check out the June 2024 Power BI update to learn about new features.

RTI Forums Carousel3

New forum boards available in Real-Time Intelligence.

Ask questions in Eventhouse and KQL, Eventstream, and Reflex.

Top Solution Authors