https://cyphora.io Azure and Microsoft security operations insights. en https://cyphora.io/blog/microsoft-foundry/microsoft-foundry-entra-id-agent-identity-logging/ https://cyphora.io/blog/microsoft-foundry/microsoft-foundry-entra-id-agent-identity-logging/ Entra ID diagnostic settings are the foundation for AI Foundry agent logging, not a nice-to-have and not replaceable by Advanced Hunting tables. This post covers what to configure, what each table delivers for security operations, how to correlate identity plane data with Foundry resource logs, and includes KQL detection queries for agentic sign-in activity, agent identity lifecycle events, and cross-table correlation patterns. Fri, 01 May 2026 00:00:00 GMT https://cyphora.io/blog/microsoft-foundry/microsoft-foundry-logging-overview/ https://cyphora.io/blog/microsoft-foundry/microsoft-foundry-logging-overview/ A breakdown of every logging layer available in Microsoft Foundry: what each captures, which sources security operations teams need to enable, and why the routing decisions matter before anything goes to production. Fri, 10 Apr 2026 00:00:00 GMT