Table of Contents

NetworkAccess-Reports.Read.All

Allows the app to read all network access reports on behalf of the signed-in user.

Merill's Note

For an app to access data in Microsoft Graph, the user or administrator must grant it the permissions it needs. This article lists all the Microsoft Graph APIs and your tenant data that can be accessed by the application (vendor/developer) if you consent to the NetworkAccess-Reports.Read.All permission.

If you need to create an audit report of the permissions granted to all the apps in your tenant, you can run the Export-MsIdAppConsentGrantReport command. See How To: Run a quick OAuth app audit of your tenant

Category Application Delegated
Identifier 40049381-3cc1-42af-94ec-5ce755db4b0d b0c61509-cfc3-42bd-9bd4-66d81785fee4
DisplayText Read all network access reports Read all network access reports
Description Allows the app to read all network access reports without a signed-in user. Allows the app to read all network access reports on behalf of the signed-in user.
AdminConsentRequired Yes Yes

Graph Methods

Resources

Granting this permission allows the calling application to access (and/or update) the following information in your tenant.

Graph reference: networkAccessTraffic

Property Type Description
action microsoft.graph.networkaccess.filteringPolicyAction Indicates the action taken based on filtering policies. The possible values are: block, allow, unknownFutureValue, bypass, alert. Use the Prefer: include-unknown-enum-members request header to get the following values from this {evolvable enum}(/graph/best-practices-concept#handling-future-members-in-evolvable-enumerations): bypass , alert.
agentVersion String Represents the version of the Global Secure Access (GSA) client agent software. Supports $filter (eq) and $orderby.
applicationSnapshot microsoft.graph.networkaccess.applicationSnapshot Destination Application ID accessed in Azure AD during the transaction. Supports $filter (eq) and $orderby.
connectionId String Represents a unique identifier assigned to a connection. Supports $filter (eq) and $orderby.
createdDateTime DateTimeOffset Represents the date and time when a network access traffic log entry was created. Supports $filter (eq) and $orderby.
description String Informational error message. For example: "Threat intelligence detected a transaction and triggered an alert." or "The Global Secure Access (GSA) policy blocked the destination and triggered an alert." Supports $filter (eq) and $orderby.
destinationFQDN String Represents the Fully Qualified Domain Name (FQDN) of the destination host or server in a network communication. Supports $filter (eq) and $orderby.
destinationIp String Represents the IP address of the destination host or server in a network communication. Supports $filter (eq) and $orderby.
destinationPort Int32 Represents the network port number on the destination host or server in a network communication. Supports $filter (eq) and $orderby.
destinationUrl String Represents the URL of the destination in a network communication. Supports $filter (eq) and $orderby.
destinationWebCategory microsoft.graph.networkaccess.webCategory The destination FQDN's Web Category (e.g., Gambling). Supports $filter (eq) and $orderby.
deviceCategory microsoft.graph.networkaccess.deviceCategory Represents the category classification of a device within a network infrastructure. The possible values are: client, branch, unknownFutureValue. Supports $filter (eq) and $orderby.
deviceId String Represents a unique identifier assigned to a device within a network infrastructure. Supports $filter (eq) and $orderby.
deviceOperatingSystem String Represents the operating system installed on a device within a network infrastructure. Supports $filter (eq) and $orderby.
deviceOperatingSystemVersion String Represents the version or release number of the operating system installed on a device within a network infrastructure. Supports $filter (eq) and $orderby.
filteringProfileId String The ID of the Filtering Profile associated with the action performed on traffic. Supports $filter (eq) and $orderby.
filteringProfileName String The name of the Filtering Profile associated with the action performed on traffic. Supports $filter (eq) and $orderby.
headers microsoft.graph.networkaccess.headers Represents the headers included in a network request or response. Supports $filter (eq) and $orderby.
httpMethod microsoft.graph.networkaccess.httpMethod The HTTP method inspected in the intercepted HTTP traffic. Supports $filter (eq) and $orderby.
initiatingProcessName String The process initiating the traffic transaction. Supports $filter (eq) and $orderby.
networkProtocol microsoft.graph.networkaccess.networkingProtocol Represents the networking protocol used for communication. The possible values are: ip, icmp, igmp, ggp, ipv4, tcp, pup, udp, idp, ipv6, ipv6RoutingHeader, ipv6FragmentHeader, ipSecEncapsulatingSecurityPayload, ipSecAuthenticationHeader, icmpV6, ipv6NoNextHeader, ipv6DestinationOptions, nd, raw, ipx, spx, spxII, unknownFutureValue. Supports $filter (eq) and $orderby.
operationStatus microsoft.graph.networkaccess.networkTrafficOperationStatus Indication if traffic was successfully processed. The possible values are: success, failure, unknownFutureValue. Supports $filter (eq) and $orderby.
policyId String Represents a unique identifier assigned to a policy. Supports $filter (eq) and $orderby.
policyName String The name of the filtering policy associated with the action performed on traffic. Supports $filter (eq) and $orderby.
policyRuleId String Represents a unique identifier assigned to a policy rule. Supports $filter (eq) and $orderby.
policyRuleName String The name of the rule associated with the action performed on traffic. Supports $filter (eq) and $orderby.
popProcessingRegion String The Point-of-Presence processing region of the traffic. Supports $filter (eq) and $orderby.
privateAccessDetails microsoft.graph.networkaccess.privateAccessDetails Details about private access traffic. Supports $filter (eq) and $orderby.
receivedBytes Int64 Represents the total number of bytes received in a network communication or data transfer. Supports $filter (eq) and $orderby.
remoteNetworkId String The ID from which traffic was sent or received, providing visibility into the origin of the traffic. Supports $filter (eq) and $orderby.
resourceTenantId String Tenant ID that owns the resource. Supports $filter (eq) and $orderby.
responseCode Int32 The HTTP response code inspected in the intercepted HTTP traffic. Supports $filter (eq) and $orderby.
sentBytes Int64 Represents the total number of bytes sent in a network communication or data transfer. Supports $filter (eq) and $orderby.
sessionId String Represents a unique identifier assigned to a session or connection within a network infrastructure. Supports $filter (eq) and $orderby.
sourceIp String Represents the source IP address in a network communication. Supports $filter (eq) and $orderby.
sourcePort Int32 Represents the network port number on the source host or device in a network communication. Supports $filter (eq) and $orderby.
tenantId String Represents a unique identifier assigned to a tenant within a network infrastructure. Supports $filter (eq) and $orderby.
threatType String The type of threat detected in the traffic. Supports $filter (eq) and $orderby.
trafficType microsoft.graph.networkaccess.trafficType Represents the type or category of network traffic. The possible values are: internet, private, microsoft365, all, unknownFutureValue. Supports $filter (eq) and $orderby.
transactionId String Represents a unique identifier assigned to a specific transaction or operation. Key. Supports $filter (eq) and $orderby.
transportProtocol microsoft.graph.networkaccess.networkingProtocol Represents the transport protocol used for communication. The possible values are: ip, icmp, igmp, ggp, ipv4, tcp, pup, udp, idp, ipv6, ipv6RoutingHeader, ipv6FragmentHeader, ipSecEncapsulatingSecurityPayload, ipSecAuthenticationHeader, icmpV6, ipv6NoNextHeader, ipv6DestinationOptions, nd, raw, ipx, spx, spxII, unknownFutureValue. Supports $filter (eq) and $orderby.
userId String Represents a unique identifier assigned to a user. Supports $filter (eq) and $orderby.
userPrincipalName String Represents the user principal name (UPN) associated with a user. Supports $filter (eq) and $orderby.
vendorNames Collection(String) The name of the vendors who detected the threat. Supports $filter (eq) and $orderby.