The Power BI activity log records every user and admin action in your Power BI environment — report views, data exports, workspace changes, and permission modifications. Use it for compliance audits, SOC 2 evidence, HIPAA logging, and FINRA retention requirements. Access via PowerShell, REST API, or the Microsoft 365 Unified Audit Log.
Key Facts
- The Power BI activity log retains events for 30 days by default.
- The Microsoft 365 Unified Audit Log retains Power BI events for 90 days (Standard) or 1 year (Audit Premium).
- Row-level security (RLS) and object-level security (OLS) are the most overlooked compliance controls in HIPAA, SOC 2, and FINRA environments.
- Power BI activity events are available via PowerShell (Get-PowerBIActivityEvent), REST API, and the M365 Unified Audit Log.
- EPC Group has completed 1,500+ Power BI deployments including regulated-industry compliance configurations.
- EPC Group managed Power BI governance services: $5,000–$15,000/month.
Tracking User and Admin Activities in Power BI Using the Activity Log
Power BI Activity Log: Track User and Admin Activities
The Power BI activity log records every user and admin action in your Power BI environment — report views, data exports, workspace changes, and permission modifications. Use it for compliance audits, SOC 2 evidence, HIPAA logging, and FINRA retention requirements. Access via PowerShell, REST API, or the Microsoft 365 Unified Audit Log.
Key facts
- The Power BI activity log retains events for 30 days by default.
- The Microsoft 365 Unified Audit Log retains Power BI events for 90 days (Standard) or 1 year (Audit Premium).
- Row-level security (RLS) and object-level security (OLS) are the most overlooked compliance controls in HIPAA, SOC 2, and FINRA environments.
- Power BI activity events are available via PowerShell (Get-PowerBIActivityEvent), REST API, and the M365 Unified Audit Log.
- EPC Group has completed 1,500+ Power BI deployments including regulated-industry compliance configurations.
- EPC Group managed Power BI governance services: $5,000–$15,000/month.
What the Power BI Activity Log Captures
The activity log records every meaningful action in your Power BI tenant. These are the events most relevant for compliance and governance.
- Report access — Who viewed which report, when, and from which workspace.
- Data exports — When users export data to Excel, CSV, or PDF — a key HIPAA and FINRA audit event.
- Workspace changes — Workspace creation, deletion, member additions, and role changes.
- Dataset refreshes — Refresh start, success, and failure events by dataset.
- Dashboard sharing — External sharing events and shared link creation.
- Admin actions — Tenant setting changes, capacity assignments, and gateway configuration.
- Permission changes — Row-level security role assignments and app permission modifications.
Accessing Activity Logs via PowerShell
PowerShell is the most common method for retrieving Power BI activity events. Use the Power BI Management module with these commands.
- Install the module:
Install-Module -Name MicrosoftPowerBIMgmt - Connect:
Connect-PowerBIServiceAccount - Retrieve events:
Get-PowerBIActivityEvent -StartDateTime "2026-01-01" -EndDateTime "2026-01-02" - Output is JSON. Parse with PowerShell or export to Azure Log Analytics for long-term retention.
- Maximum query window: 24 hours per API call. Script loops for multi-day exports.
Accessing Activity Logs via REST API
The Power BI REST API provides programmatic access to activity events. Use this approach for automated pipelines and Azure Data Factory integration.
- Endpoint:
GET https://api.powerbi.com/v1.0/myorg/admin/activityevents - Authentication: Azure AD OAuth 2.0 bearer token with Power BI Admin scope.
- Supports date filtering and continuation tokens for large event sets.
- Pipe results to Azure Blob Storage, Log Analytics, or SQL Database for long-term retention.
Using the Microsoft 365 Unified Audit Log
Power BI activity events also appear in the Microsoft 365 Unified Audit Log. This provides a centralized view across all Microsoft 365 services.
- Access via Microsoft Purview compliance portal → Audit → Search.
- Retention: 90 days (Standard), 1 year (Audit Premium E5), or up to 10 years with add-on.
- Best for cross-service correlation — link Power BI events with SharePoint, Teams, and Exchange activity.
- Supports compliance workflows: eDiscovery, SOC 2 evidence, HIPAA audit trails, and FINRA retention.
Building a Power BI Usage Analytics Dashboard
A usage analytics dashboard turns raw activity log data into actionable governance insights. Build it in Power BI itself.
- Data source: Activity log events piped to Azure Log Analytics or SQL Database.
- Key metrics: daily active users, most-viewed reports, export frequency, refresh failure rate.
- Compliance view: data export events by user, workspace, and date for audit reporting.
- Adoption view: user engagement trends by department and report.
- RLS coverage view: which datasets have row-level security enabled vs. exposed.
Compliance Use Cases
The Power BI activity log is the primary evidence source for these four compliance scenarios.
- HIPAA — Log who accessed reports containing PHI. Export events are a mandatory HIPAA audit trail item.
- SOC 2 — Activity log exports serve as evidence for logical access controls and monitoring criteria.
- FINRA — Data export events document that supervised persons accessed required disclosures.
- FedRAMP — Audit log retention and review procedures are required controls under FedRAMP Moderate (AU-2, AU-9, AU-12).
Frequently asked questions
How do I access the Power BI activity log?
Use PowerShell (Get-PowerBIActivityEvent), the Power BI REST API, or the Microsoft 365 Unified Audit Log in the Microsoft Purview compliance portal. PowerShell is simplest for ad-hoc queries. REST API is best for automated pipelines.
How long does the Power BI activity log retain events?
The Power BI activity log retains 30 days of events. The Microsoft 365 Unified Audit Log retains 90 days with Standard and 1 year with Audit Premium (E5). Add-on retention extends up to 10 years for regulated industries.
What is row-level security in Power BI?
Row-level security (RLS) restricts which rows of data a user can see in a Power BI report. It is configured in the semantic model and enforced at query time. RLS is mandatory for HIPAA, SOC 2, and FINRA regulated Power BI deployments.
Can Power BI activity logs support HIPAA audits?
Yes. Activity logs capture who accessed which report, when, and whether they exported data. This satisfies HIPAA audit control requirements. Export events involving PHI-containing reports are the most critical audit trail items.
How does EPC Group help with Power BI governance?
EPC Group designs Power BI governance frameworks including activity log pipelines, RLS/OLS implementation, usage analytics dashboards, and compliance reporting. Managed governance services start at $5,000/month.
Schedule a Power BI governance review
Talk to an EPC Group Power BI architect about activity log setup, RLS implementation, or compliance reporting. Call (888) 381-9725 or request a 30-minute discovery call.
Why Organizations Choose EPC Group
EPC Group is a Houston-based Microsoft consulting firm with 29 years of enterprise implementation experience and over 10,000 successful deployments across Power BI, Microsoft Fabric, SharePoint, Azure, Microsoft 365, and Copilot. We serve organizations across all industries including Fortune 500, federal agencies, healthcare, financial services, government, manufacturing, energy, education, retail, technology, and global enterprises.
What sets EPC Group apart is our governance-first approach. Every engagement begins with a security and compliance assessment. Our team of senior architects brings hands-on delivery experience across HIPAA, SOC 2, FedRAMP, and CMMC environments. We own outcomes, not hours.
- Fixed-fee accelerators with predictable pricing and defined deliverables
- Senior architect engagement on every project, not rotating juniors
- Compliance-native delivery for regulated industries
- End-to-end coverage from strategy through 24/7 managed services
- 11,000+ enterprise engagements refined into repeatable, risk-controlled patterns
Call (888) 381-9725 or email contact@epcgroup.net for a free assessment.
Power BI Strategy: 2026 Considerations for Tracking User Admin Activities In Power BI Using Activity Log
Direct Lake mode has changed the economics of enterprise Power BI in 2026: instead of importing data into Vertipaq, semantic models now query OneLake-resident Parquet files at near-Import-mode performance without the refresh-window cost. For a Fortune 500 finance organization migrating from a 30-minute Import-mode refresh, the equivalent Direct Lake model typically queries fact data in under 800 ms while removing the entire refresh-orchestration job from Azure Data Factory.
Row-level security (RLS) and object-level security (OLS) in Power BI Premium and Fabric F-SKU capacities are the single most-overlooked compliance control in HIPAA, SOC 2, and FINRA-regulated environments. RLS scoped via service principal authentication (rather than embedded UPN passes) is the only pattern that survives a SOC 2 Type II auditor privilege-walk test. EPC Group includes service-principal RLS as a default in every regulated-industry Power BI engagement.
Decision factors EPC Group evaluates
- Capacity sizing decision (F2/F4/F64+) tied to peak concurrent users and refresh window
- Copilot grounding quality assessment of semantic-model metadata
- Direct Lake mode adoption for Fabric-resident semantic models
- License optimization audit (Pro vs Premium Per User vs F-SKU)
- Row-level security via service principal authentication
EPC Group covers this topic across the relevant engagement portfolio. Reach the firm at contact@epcgroup.net for a 30-minute architect conversation.