Hi,
i would like to be able to alert, ideally through log insight each time a permission was attempted by a user and denied. Ideally the report would show the attempted permission and the object it was attempted against.
I would settle for just the permission which was denied.
The reason this is required it to troubleshoot service account permissions. Many applications, and scripts, don't have documentation and going back and forth is difficult. Having the ability to know what was attempted would allow for a quick change to the role and a reattempt made.
Is there any capability to find when a user makes a request which is denied due to lack of permissions?