cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Evogelpohl
Helper V
Helper V

PBI Audit Log - Doesn't Report Success/Fail - Caution

If you've used the (preview at this writing) PowerBI Audit Log in the Security and Compliance Audit Log Office 365 Admin query tool; you'll notice that it does not have a column for: "result" or "exit code" or "success/fail/permission-denied". 

 

A very problematic issue has resulted for me.

 

Example:

Let's say you build a report/dashboard off a SQL Tabular source (connected via gateway of course).  And you apply security using SQL Tabular Roles (at the Tabular level, not the PowerBI level).  Then, you share the report/dashboard to a PowerBI Workspace with several users.   Fine so far...

 

Now, let's say Suzy Smith does NOT have Tabular read-rights.  She can't use the cube from Excel AND she can't view content shared w/ her from PowerBI.  Great.  That's how it should work.  The dashboard would render the (X) "ERROR" message for her on each object - as appropriate.

 

BUT - and here's the caution for enterprises - If someone shares a dashboard/report w/ Suzy Smith and she's clicks it (she'll get the appropriate error on the report) but the audit log will create an entry that reads: "Suzy Smith - ViewDashboard - datetime". 

 

Thus, the audit log notes that Suzy Smith did see the dashboard.  In reality, she didn't.  She got the (X) error on every object on the dashobard.  Suzy Smith did NOT see the company's forecast for next quarter.  But your audit log implies that she did.

 

Your company's auditor ~may~ not like this.

 

 

3 REPLIES 3
GuyInACube
Microsoft
Microsoft

Technically speaking, the dashboard did load. In your example individual tiles will get the X because she wouldn't be able to talk to the tabular instance. 

 

What if they had a mix of items on the dashboard. Maybe some items from an imported report/dataset mixed with some tiles from a live SSAS report. The items for the improted dataset would load properly, but the SSAS Live tiles would error. The dashboard was still viewed.

Adam W. Saxton | Microsoft Employee | Business Intelligence
@GuyInACube | youtube.com/guyinacube

@GuyInACube -

Thanks.  And, I agree w/ your logic.  The dashboard or report is an object unto itself - and technically, it was viewed by Suzy in this hypothetical situation.  So, fair to have an audit entry for it.

 

But, you can see the challenge at an enterprise level.

 

I'll add some ideas to the idea link you provided:

 

* Perhaps the audit log should be at the object level, not the container level.

* If the log continues to audit at the dashboard/report level; then perhaps there should be a 'result' (exit) code:  E.g:

- 1 = All objects rendered w/o Error

- 2 = Full/Partial Object-Render Errors on Report or Dashboard

 

 

-Eric.

 

 

 

I understand the confusion and realize that some may see a failure in a visual as a failure to load the dashboard. I don't know that not logging the view dashboard is the right approach though (mainly for my example of a mixed dashboard). 

Adam W. Saxton | Microsoft Employee | Business Intelligence
@GuyInACube | youtube.com/guyinacube

Helpful resources

Announcements
Carousel_PBI_Wave1

2023 Release Wave 1 Plans

Power BI release plans for 2023 release wave 1 describes all new features releasing from April 2023 through September 2023.

Power BI Summit Carousel 2

Global Power BI Training

Make sure you register today for the Power BI Summit 2023. Don't miss all of the great sessions and speakers!

Thank you 2022 Review

2022 Monthly Feature Releases

We had a great 2022 with a ton of feature releases to help you drive a data culture.

Top Solution Authors
Top Kudoed Authors