The following product notification applies to Change Auditor version 7.0.4, released February 4, 2020. The issue only applies to companies who are auditing Azure Active Directory and/or Office 365 events with Change Auditor.
How does this affect me?
Creating a new Azure AD or Office 365 auditing template may fail with an “The remote server returned an error: (504) Gateway Timeout” error.
Beginning in January, 2020, Microsoft began deprecating their IdentityRiskEvents API, which Change Auditor uses to collect risk events from Azure AD tenants.
Change Auditor was updated in version 7.0.4 to use the latest iteration of the Microsoft Graph API, and per our documentation, it is necessary to re-create any existing web applications used for Azure AD and Office 365 auditing templates to take advantage of this change. However, when re-creating the auditing template, Change Auditor still attempts to verify the required permissions using the deprecated API – and so if the IdentityRiskEvents API has been deprecated in your Azure AD tenant, you will see the following error in the MicrosoftCloudPlugins log, and creation of the audit template will fail:
The remote server returned an error: (504) Gateway Timeout
Microsoft is gradually rolling out the removal of this API across customer tenants, so you would only be impacted if Microsoft has already deployed the API change to your Azure AD tenant.
Select a Change Auditor version 7.0.3 agent to create the Azure AD or Office 365 auditing template(s).
A hotfix for Change Auditor version 7.0.4 will be made available shortly which resolves this issue. Please review the following knowledge article, Error when trying to create an Azure AD or O365 template: “The remote server returned an error: (504) Gateway Timeout” for further details on this issue.We apologize for the inconvenience this issue may have caused and we are working quickly correct it.