Currently Dataverse and Model-driven app audit data for the tenant's Default environment is not available via the M365 Security and Compliance center (data accessed via these instructions - Microsoft Dataverse and model-driven apps activity logging - Power Platform | Microsoft Docs). This is a gap particularly in that there are activities that default to this environment and users generally have more ability to perform actions in this environment. It also leads to inconsistencies in being able to locate audit records and requires our audit and compliance team to have additional access into this via PPAC. We would like to see this information be included along with the data gathered from additional environments.

Category: Dataverse