{"id":974,"date":"2019-05-03T09:00:00","date_gmt":"2019-05-03T16:00:00","guid":{"rendered":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/power-automate\/custom-connector-microsoft-flow-search-unified-audit-log\/"},"modified":"2019-05-03T09:00:00","modified_gmt":"2019-05-03T16:00:00","slug":"custom-connector-microsoft-flow-search-unified-audit-log","status":"publish","type":"power-automate","link":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/power-automate\/custom-connector-microsoft-flow-search-unified-audit-log\/","title":{"rendered":"Advanced | Flow of the Week: Build a Custom Connector for Microsoft Flow &#038; Search Unified Audit Logs"},"content":{"rendered":"<p>In this post, Joao Lucindo, a Microsoft TSP hailing from Brazil shows you how to develop a Microsoft Flow Custom\u00a0 Connector to get audit logs from Office 365. This solution is based on the <a href=\"https:\/\/docs.microsoft.com\/sk-sk\/powershell\/module\/exchange\/policy-and-compliance-audit\/search-unifiedauditlog?view=exchange-ps&amp;viewFallbackFrom=exchange-p\">Search-UnifiedAuditLog cmdlet<\/a>.<\/p>\n<h1>Step-by-Step<\/h1>\n<p>1) Access <a href=\"https:\/\/flow.microsoft.com\/\">Microsoft Flow<\/a>, log in and select the gear icon in the top right-hand corner and then click &#8220;Custom Connectors&#8221;.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" alt=\"\" class=\"aligncenter wp-image-976 size-full\" height=\"1032\" src=\"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/05\/img1.png\" width=\"1919\" srcset=\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/05\/img1.webp 1919w, https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/05\/img1-300x161.webp 300w, https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/05\/img1-1024x551.webp 1024w, https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/05\/img1-768x413.webp 768w, https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/05\/img1-1536x826.webp 1536w\" sizes=\"(max-width: 1919px) 100vw, 1919px\" \/><br \/>\n2) Click &#8220;+Create custom Connector&#8221; and choose &#8220;Create from blank&#8221;<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" alt=\"\" class=\"aligncenter wp-image-981 size-full\" height=\"1039\" src=\"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/05\/img2.png\" width=\"1919\" srcset=\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/05\/img2.webp 1919w, https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/05\/img2-300x162.webp 300w, https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/05\/img2-1024x554.webp 1024w, https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/05\/img2-768x416.webp 768w, https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/05\/img2-1536x832.webp 1536w\" sizes=\"(max-width: 1919px) 100vw, 1919px\" \/><br \/>\n3) Choose a name for your custom connector<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" alt=\"\" class=\"aligncenter wp-image-983 size-full\" height=\"618\" src=\"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/05\/img3.png\" width=\"1227\"\/><\/p>\n<p>4)Fill the fields like the print screen below, and then click &#8220;Security&#8221;:<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" alt=\"\" class=\"aligncenter wp-image-985 size-full\" height=\"800\" src=\"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/05\/img4.png\" width=\"761\" srcset=\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/05\/img4.webp 761w, https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/05\/img4-285x300.webp 285w\" sizes=\"(max-width: 761px) 100vw, 761px\" \/><\/p>\n<p>Icon background color: <strong>choose a color in hex format<\/strong><\/p>\n<p>Description: <strong>g<\/strong><strong>ive a description for your custom connector<\/strong><\/p>\n<p>Host: <strong>outlook.office365.co<\/strong><\/p>\n<p>5) Choose &#8220;Basic authentication&#8221; for the Authentication Type, and fill the Parameter label field with &#8220;UserName&#8221; and &#8220;Password&#8221; like the print screen below (Do NOT enter secrets here. These fields are used to configure display names for connections). Finally click &#8220;Definition&#8221;<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" alt=\"\" class=\"aligncenter wp-image-990 size-full\" height=\"633\" src=\"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/05\/img5.png\" width=\"796\" srcset=\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/05\/img5.webp 796w, https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/05\/img5-300x239.webp 300w, https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/05\/img5-768x611.webp 768w\" sizes=\"(max-width: 796px) 100vw, 796px\" \/><\/p>\n<p>6) In the &#8220;Definition&#8221; step, click &#8220;New Action&#8221;<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" alt=\"\" class=\"aligncenter wp-image-991 size-full\" height=\"904\" src=\"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/05\/img6.png\" width=\"1308\" srcset=\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/05\/img6.webp 1308w, https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/05\/img6-300x207.webp 300w, https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/05\/img6-1024x708.webp 1024w, https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/05\/img6-768x531.webp 768w\" sizes=\"(max-width: 1308px) 100vw, 1308px\" \/><\/p>\n<p>7) Fill all the field with &#8220;GetLogs&#8221;, like the image below, and then select &#8220;+ Import From sample&#8221;<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" alt=\"\" class=\"aligncenter wp-image-992 size-full\" height=\"632\" src=\"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/05\/img7.png\" width=\"715\" srcset=\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/05\/img7.webp 715w, https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/05\/img7-300x265.webp 300w\" sizes=\"(max-width: 715px) 100vw, 715px\" \/><\/p>\n<p>8) Choose the verb &#8220;Get&#8221;. In the field URL paste: &lt;<a href=\"https:\/\/outlook.office365.com\/psws\/service.svc\/UnifiedAuditLog?StartDate=%7bSTARTDATE%7d&amp;EndDate=%7bENDDATE%7d&amp;RecordType=%7bRECORDTYPE%7d&amp;ResultSize=%7bRESULTSIZE%7d\">https:\/\/outlook.office365.com\/psws\/service.svc\/UnifiedAuditLog?StartDate={STARTDATE}&amp;EndDate={ENDDATE}&amp;RecordType={RECORDTYPE}&amp;ResultSize={RESULTSIZE}<\/a>&gt;. Finally click &#8220;Import&#8221;<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" alt=\"\" class=\"aligncenter wp-image-993 size-full\" height=\"521\" src=\"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/05\/img8.png\" width=\"502\" srcset=\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/05\/img8.webp 502w, https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/05\/img8-289x300.webp 289w\" sizes=\"(max-width: 502px) 100vw, 502px\" \/><\/p>\n<p>\u00a0<\/p>\n<p>9) In the query parameter &#8220;RecordType&#8221; click &#8220;Edit&#8221;<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" alt=\"\" class=\"aligncenter wp-image-994 size-full\" height=\"647\" src=\"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/05\/img9.png\" width=\"658\" srcset=\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/05\/img9.webp 658w, https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/05\/img9-300x295.webp 300w\" sizes=\"(max-width: 658px) 100vw, 658px\" \/><\/p>\n<p>10) Change the &#8220;Is required&#8221; option to &#8220;Yes&#8221;; The &#8220;Dropdown type&#8221; to &#8220;Static&#8221;; and then paste &lt;<strong>AzureActiveDirectory, AzureActiveDirectoryAccountLogon, AzureActiveDirectoryStsLogon, ComplianceDLPExchange, ComplianceDLPSharePoint, Discovery, ExchangeAdmin, ExchangeAggregatedOperation, ExchangeItem, ExchangeItemGroup, MicrosoftTeams, MicrosoftTeamsAddOns, MicrosoftTeamsSettingsOperation, OneDrive, PowerBIAudit, SecurityComplianceAlerts, SecurityComplianceCenterEOPCmdlet, SecurityComplianceInsights, SharePoint, SharePointFileOperation, SharePointSharingOperation, SkypeForBusinessCmdlets, SkypeForBusinessPSTNUsage, SkypeForBusinessUsersBlocked, Sway, ThreatIntelligence, Yammer, MicrosoftStream<\/strong>&gt; in the field &#8220;Values&#8221;<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" alt=\"\" class=\"aligncenter wp-image-995 size-full\" height=\"824\" src=\"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/05\/img10.png\" width=\"630\" srcset=\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/05\/img10.webp 630w, https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/05\/img10-229x300.webp 229w\" sizes=\"(max-width: 630px) 100vw, 630px\" \/><\/p>\n<p>11) Repeat the same for the others Query parameters (StartDate,EndDate,ResultSize), but this time only change the &#8220;Is required&#8221; field to &#8220;Yes&#8221;<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" alt=\"\" class=\"aligncenter size-full wp-image-996\" height=\"629\" src=\"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/05\/img11.png\" width=\"645\" srcset=\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/05\/img11.webp 645w, https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/05\/img11-300x293.webp 300w\" sizes=\"(max-width: 645px) 100vw, 645px\" \/><\/p>\n<p>12) Select &#8220;Create connector&#8221;, wait for a few seconds to conclude the creation connector process, and then click &#8220;Test&#8221;<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" alt=\"\" class=\"aligncenter size-full wp-image-997\" height=\"939\" src=\"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/05\/img12.png\" width=\"1013\" srcset=\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/05\/img12.webp 1013w, https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/05\/img12-300x278.webp 300w, https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/05\/img12-768x712.webp 768w\" sizes=\"(max-width: 1013px) 100vw, 1013px\" \/><\/p>\n<p>13) Select &#8220;New connection&#8221;<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" alt=\"\" class=\"aligncenter size-full wp-image-998\" height=\"675\" src=\"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/05\/img13.png\" width=\"733\" srcset=\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/05\/img13.webp 733w, https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/05\/img13-300x276.webp 300w\" sizes=\"(max-width: 733px) 100vw, 733px\" \/><\/p>\n<p>14) Type the email and password for the Global admin account, and then select &#8220;Create connection&#8221;<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" alt=\"\" class=\"aligncenter size-full wp-image-999\" height=\"440\" src=\"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/05\/img14.png\" width=\"877\" srcset=\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/05\/img14.webp 877w, https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/05\/img14-300x151.webp 300w, https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/05\/img14-768x385.webp 768w\" sizes=\"(max-width: 877px) 100vw, 877px\" \/><\/p>\n<p>15) If necessary, click in the refresh icon to activate the new connection that we just created. Fill the fields &#8220;<strong>StartDate<\/strong>&#8221; and &#8220;<strong>EndDate<\/strong>&#8221; (YYYY-MM-DD)*. For the &#8220;<strong>RecordType<\/strong>&#8221; field choose one of the options from the step 10. For the &#8220;ResultSize&#8221; field fill with 5000. Finally click &#8220;Test operation&#8221;<\/p>\n<p>*Audit record is generated and stored in the Office 365 audit log for your organization. The length of time that an audit record is retained (and searchable in the audit log) depends on your Office 365 subscription, and specifically the type of the license that is assigned to a specific user.<\/p>\n<ul>\n<li>Office 365 E3\u00a0&#8211; Audit records are retained for 90 days. That means you can search the audit log for activities that were performed within the last 90 days.<\/li>\n<li>Office 365 E5\u00a0&#8211; Audit records are retained for 365 days (one year). That means you can search the audit log for activities that were performed within the last year. Retaining audit records for one year is also available for users that are assigned an E3\/Exchange Online Plan 1 license and have an Office 365 Advanced Compliance add-on license.<\/li>\n<\/ul>\n<p>(<a href=\"https:\/\/docs.microsoft.com\/en-us\/office365\/securitycompliance\/search-the-audit-log-in-security-and-compliance\">https:\/\/docs.microsoft.com\/en-us\/office365\/securitycompliance\/search-the-audit-log-in-security-and-compliance<\/a>)<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" alt=\"\" class=\"aligncenter size-full wp-image-1000\" height=\"647\" src=\"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/05\/img15.png\" width=\"659\" srcset=\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/05\/img15.webp 659w, https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2019\/05\/img15-300x295.webp 300w\" sizes=\"(max-width: 659px) 100vw, 659px\" \/><\/p>\n<p>16) You should receive a Response Status 200, if not please review all the steps.<\/p>\n<p>Now you can build a schedule-based Flow to save logs in a Sharepoint List or SQL table, for example:<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" alt=\"\" class=\"aligncenter size-full wp-image-1001\" height=\"1467\" src=\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2024\/06\/img16.png\" width=\"978\"\/><\/p>\n<p>For the Parse Json Action, you can you the follow Schema:<\/p>\n<p>\u00a0<\/p>\n<table style=\"height: 3043px;\" width=\"583\">\n<tbody>\n<tr>\n<td width=\"616\">\n<pre style=\"text-align: left;\">{\n\n\"type\": \"object\",\n\n\"properties\": {\n\n\"odata.metadata\": {\n\n\"type\": \"string\"\n\n},\n\n\"value\": {\n\n\"type\": \"array\",\n\n\"items\": {\n\n\"type\": \"object\",\n\n\"properties\": {\n\n\"Identity\": {\n\n\"type\": \"string\"\n\n},\n\n\"AuditData\": {\n\n\"type\": \"string\"\n\n},\n\n\"CreationDate\": {\n\n\"type\": \"string\"\n\n},\n\n\"IsValid\": {\n\n\"type\": \"boolean\"\n\n},\n\n\"ObjectState\": {\n\n\"type\": \"string\"\n\n},\n\n\"Operations\": {\n\n\"type\": \"string\"\n\n},\n\n\"RecordType\": {\n\n\"type\": \"string\"\n\n},\n\n\"ResultCount\": {\n\n\"type\": \"number\"\n\n},\n\n\"ResultIndex\": {\n\n\"type\": \"number\"\n\n},\n\n\"UserIds\": {\n\n\"type\": \"string\"\n\n},\n\n\"ObjectIds\": {},\n\n\"IPAddresses\": {},\n\n\"SiteIds\": {}\n\n},\n\n\"required\": [\n\n\"Identity\",\n\n\"AuditData\",\n\n\"CreationDate\",\n\n\"IsValid\",\n\n\"ObjectState\",\n\n\"Operations\",\n\n\"RecordType\",\n\n\"ResultCount\",\n\n\"ResultIndex\",\n\n\"UserIds\",\n\n\"ObjectIds\",\n\n\"IPAddresses\"\n\n]\n\n}\n\n}\n\n}\n\n}<\/pre>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"<p>In this post, Joao Lucindo, a Microsoft TSP hailing from Brazil shows you how to develop a Microsoft Flow Custom\u00a0 Connector to get audit logs from Office 365. This solution is based on the Search-UnifiedAuditLog cmdlet.<\/p>\n","protected":false},"author":374,"featured_media":0,"comment_status":"open","ping_status":"open","template":"","power-automate-category":[2590],"power-automate-tag":[2441,2507,2591],"coauthors":[2944],"class_list":["post-974","power-automate","type-power-automate","status-publish","hentry","power-automate-category-flow-of-the-week","power-automate-tag-advanced","power-automate-tag-community-blog","power-automate-tag-flow-of-the-week"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v24.1 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Advanced | Flow of the Week: Build a Custom Connector for Microsoft Flow &amp; Search Unified Audit Logs - Microsoft Power Platform Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/power-automate\/custom-connector-microsoft-flow-search-unified-audit-log\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Advanced | Flow of the Week: Build a Custom Connector for Microsoft Flow &amp; Search Unified Audit Logs - Microsoft Power Platform Blog\" \/>\n<meta property=\"og:description\" content=\"In this post, Joao Lucindo, a Microsoft TSP hailing from Brazil shows you how to develop a Microsoft Flow Custom\u00a0 Connector to get audit logs from Office 365. This solution is based on the Search-UnifiedAuditLog cmdlet.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/power-automate\/custom-connector-microsoft-flow-search-unified-audit-log\/\" \/>\n<meta property=\"og:site_name\" content=\"Microsoft Power Platform Blog\" \/>\n<meta property=\"og:image\" content=\"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/05\/img1.png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"2 min read\" \/>\n\t<meta name=\"twitter:label2\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data2\" content=\"Joao Lucindo\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/power-automate\/custom-connector-microsoft-flow-search-unified-audit-log\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/power-automate\/custom-connector-microsoft-flow-search-unified-audit-log\/\",\"name\":\"Advanced | Flow of the Week: Build a Custom Connector for Microsoft Flow & Search Unified Audit Logs - Microsoft Power Platform Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/power-automate\/custom-connector-microsoft-flow-search-unified-audit-log\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/power-automate\/custom-connector-microsoft-flow-search-unified-audit-log\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/05\/img1.png\",\"datePublished\":\"2019-05-03T16:00:00+00:00\",\"dateModified\":\"2019-05-03T16:00:00+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/power-automate\/custom-connector-microsoft-flow-search-unified-audit-log\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/power-automate\/custom-connector-microsoft-flow-search-unified-audit-log\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/power-automate\/custom-connector-microsoft-flow-search-unified-audit-log\/#primaryimage\",\"url\":\"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/05\/img1.png\",\"contentUrl\":\"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/05\/img1.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/power-automate\/custom-connector-microsoft-flow-search-unified-audit-log\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Power Automate\",\"item\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/power-automate\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Advanced | Flow of the Week: Build a Custom Connector for Microsoft Flow &#038; Search Unified Audit Logs\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#website\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/\",\"name\":\"Microsoft Power Platform Blog\",\"description\":\"Innovate with Business Apps\",\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#organization\",\"name\":\"Microsoft Power Platform Blog\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2020\/03\/Microsoft-Logo-e1685482038800.png\",\"contentUrl\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2020\/03\/Microsoft-Logo-e1685482038800.png\",\"width\":194,\"height\":145,\"caption\":\"Microsoft Power Platform Blog\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Advanced | Flow of the Week: Build a Custom Connector for Microsoft Flow & Search Unified Audit Logs - Microsoft Power Platform Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/power-automate\/custom-connector-microsoft-flow-search-unified-audit-log\/","og_locale":"en_US","og_type":"article","og_title":"Advanced | Flow of the Week: Build a Custom Connector for Microsoft Flow & Search Unified Audit Logs - Microsoft Power Platform Blog","og_description":"In this post, Joao Lucindo, a Microsoft TSP hailing from Brazil shows you how to develop a Microsoft Flow Custom\u00a0 Connector to get audit logs from Office 365. This solution is based on the Search-UnifiedAuditLog cmdlet.","og_url":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/power-automate\/custom-connector-microsoft-flow-search-unified-audit-log\/","og_site_name":"Microsoft Power Platform Blog","og_image":[{"url":"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/05\/img1.png","type":"","width":"","height":""}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"2 min read","Written by":"Joao Lucindo"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/power-automate\/custom-connector-microsoft-flow-search-unified-audit-log\/","url":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/power-automate\/custom-connector-microsoft-flow-search-unified-audit-log\/","name":"Advanced | Flow of the Week: Build a Custom Connector for Microsoft Flow & Search Unified Audit Logs - Microsoft Power Platform Blog","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/power-automate\/custom-connector-microsoft-flow-search-unified-audit-log\/#primaryimage"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/power-automate\/custom-connector-microsoft-flow-search-unified-audit-log\/#primaryimage"},"thumbnailUrl":"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/05\/img1.png","datePublished":"2019-05-03T16:00:00+00:00","dateModified":"2019-05-03T16:00:00+00:00","breadcrumb":{"@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/power-automate\/custom-connector-microsoft-flow-search-unified-audit-log\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/power-automate\/custom-connector-microsoft-flow-search-unified-audit-log\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/power-automate\/custom-connector-microsoft-flow-search-unified-audit-log\/#primaryimage","url":"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/05\/img1.png","contentUrl":"https:\/\/powerautomateblogmedia.azureedge.net\/powerautomateblog\/2019\/05\/img1.png"},{"@type":"BreadcrumbList","@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/power-automate\/custom-connector-microsoft-flow-search-unified-audit-log\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/"},{"@type":"ListItem","position":2,"name":"Power Automate","item":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/power-automate\/"},{"@type":"ListItem","position":3,"name":"Advanced | Flow of the Week: Build a Custom Connector for Microsoft Flow &#038; Search Unified Audit Logs"}]},{"@type":"WebSite","@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#website","url":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/","name":"Microsoft Power Platform Blog","description":"Innovate with Business Apps","publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#organization","name":"Microsoft Power Platform Blog","url":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2020\/03\/Microsoft-Logo-e1685482038800.png","contentUrl":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-content\/uploads\/2020\/03\/Microsoft-Logo-e1685482038800.png","width":194,"height":145,"caption":"Microsoft Power Platform Blog"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/#\/schema\/logo\/image\/"}}]}},"distributor_meta":false,"distributor_terms":false,"distributor_media":false,"distributor_original_site_name":"Microsoft Power Platform Blog","distributor_original_site_url":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog","push-errors":false,"_links":{"self":[{"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/power-automate\/974"}],"collection":[{"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/power-automate"}],"about":[{"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/types\/power-automate"}],"author":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/users\/374"}],"replies":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/comments?post=974"}],"version-history":[{"count":0,"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/power-automate\/974\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/media?parent=974"}],"wp:term":[{"taxonomy":"power-automate-category","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/power-automate-category?post=974"},{"taxonomy":"power-automate-tag","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/power-automate-tag?post=974"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/power-platform\/blog\/wp-json\/wp\/v2\/coauthors?post=974"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}