Telemetry is a pretty important component of most software projects and productionization, as it allows developers to identify issues, diagnose them, and roll out fixes without manually requesting information from an end-user. However, it has the potential to be misused too. Now, Microsoft is rolling out a new capability for Teams admins that should ideally provide benefits rather than deliver harm.
Basically, audit logs for screen-sharing sessions in Teams will now also be available to Teams admins through the power of Microsoft Purview. These additional logs will help Teams admins answer critical questions regarding the identities of participants in a meeting where the screen was shared, who shared it, timestamps for when it started and when it stopped, when control was requested, taken, or given, if a request was accepted and who accepted it, and the identities of the people with whom the screen was shared.
Microsoft hopes that all of the above telemetry logs will facilitate Teams admins in identifying and putting a stop to suspicious activities, such as an employee leaking sensitive data to an external party through a screen sharing session.
These audit logs are accessible in Microsoft Purview. You need to sign in with your admin credentials, select Audit in the navigation pane on the left, and click New Search. Then, you can select timeframes and operation names like screenShared to view the relevant logs and also export them to CSV, if that improves your reading experience.
Microsoft has highlighted that the audit logs and telemetry for screen sharing and "take control" are available for all admins right now. If Teams is your preferred online communication and collaboration tool, you should also check out the list of all the new features Microsoft introduced in the software during the month of July 2025.