Audit provides the following Best Practices built in searches:
- Microsoft Entra successful application consent events in the past 30 days
- Sharing operations on important file types within past 7 days
- Teams guest access enabled or disabled in the past 30 days