MC1169075: Admin actions related to Copilot agent management will be logged in Microsoft Purview Unified Audit Logs

Home » Microsoft » MC1169075: Admin actions related to Copilot agent management will be logged in Microsoft Purview Unified Audit Logs

Table of Contents

Summary
History
Microsoft Message
Introduction
When this will happen
How this affects your organization
What you can do to prepare
Compliance considerations

Summary

Admin actions related to Copilot agent management will be logged in Microsoft Purview Unified Audit Logs, enhancing visibility for security teams.
Logging will include details such as publishing, deploying, removing, and updating agents, as well as changes to agent settings.
The audit schema will capture key data points like agent name, agent type, and admin ID, accessible via the Purview Portal.
This feature is enabled by default; no configuration is required from admins.
Security teams should prepare by familiarizing themselves with Purview audit log search capabilities.

Admin Impact: Medium
User Impact: Low
Release Start: 01 Oct 2025
Release End: 15 Nov 2025
Services: Purview
Category: Stay informed
Tags: New Feature, User Adoption, Admin Action

History

10/9/2025: Item Added to Message Center

Microsoft Message

Introduction

Admin activity related to agent management will now be logged in Microsoft Purview Unified Audit Logs. This enhancement improves visibility and traceability for security teams managing Copilot agents across Microsoft 365 services.

This message is associated with Microsoft 365 Roadmap ID 498227.

When this will happen

General Availability (Worldwide): Rollout will begin in late October 2025 and is expected to complete by mid-November 2025.

How this affects your organization

Who is affected:Admins managing Microsoft Copilot agents in Microsoft 365 environments.

What will happen:

Admin actions such as publishing, deploying, removing, and updating agents will be logged.
Changes to agent settings at both tenant and agent levels will be captured.
Audit schema includes key data points such as agent name, agent type, and admin ID.
Logs will be accessible via the Purview Portal.
Feature is enabled by default; no configuration required.

Search view in the new Microsoft Purview Unified Audit Log:

Search view in the new Microsoft Purview Unified Audit Log

Details view in the new Microsoft Purview Unified Audit Log:

What you can do to prepare

Security teams can begin searching and reviewing agent-related admin actions in the Purview Portal.
Familiarize yourself with audit log search capabilities in Purview.
No additional configuration is required to enable logging.

Compliance considerations

Question	Answer
Does the change alter how existing customer data is processed, stored, or accessed (e.g. documents, emails, chats, etc.), if so how and to what extent?	Yes – Admin actions related to agent management are now logged, increasing visibility into operational activities.
Does the change modify, interrupt, or disable any of the following capabilities (Purview): Audit logging capabilities?	Yes – Adds new audit events specific to agent management in Purview Unified Audit Logs.
Does the change alter how admins can monitor, report on, or demonstrate compliance activities e.g. Purview or admin reporting, if so summarize the changes?	Yes – Admins gain new visibility into agent-related actions, improving compliance reporting and audit traceability.
Does the change include an admin control and, can it be controlled through Entra ID group membership?	Yes – Logging is automatic, but access to audit data is controlled via Purview permissions, which can be scoped using Entra ID groups.