Overview of system-generated logs from a Data Subject Request (DSR) export

2025-06-25

The information in this article provides information about system-generated logs from a Data Subject Request (DSR) export for Microsoft apps and services. For more information about DSRs, see Data Subject Requests and the GDPR and CCPA.

What is a Data Subject Request (DSR)?

Regulations such as the European Union General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) give individuals certain rights to manage their personal data that has been collected by an employer or other type of agency or organization. In these regulations, individuals are referred to as “data subjects.” One of the rights given by these regulations is the ability for data subjects to obtain a copy of the personal data that’s been collected about them. A data subject can ask for a copy of that data through a Data Subject Request (DSR).

What’s in a DSR export of system-generated logs?

When a tenant admin requests a DSR export of system-generated logs on behalf of a data subject, the available data is exported to a location specified by the tenant admin. Usually the export request is completed in a few days, but it can take up to 30 days.

The export contains one or more folders. Each folder of data is labeled with the name of the product it originated from. Some folders may contain subfolders that have additional info within them. The exported data can span across various Microsoft services, including Microsoft 365, Azure, and Dynamics 365.

The export contains various file types. Each file ends in an extension, which indicates how you can open the file. For example, you can open a .json file in a browser or in a text editor.

The file named RequestInfo.json contains additional technical details related to the export.

What are system-generated logs?

Microsoft enterprise services, such as Microsoft 365, create system-generated logs as part of the regular operation of their service. These logs continuously record system activity over time to allow Microsoft to monitor whether systems are operating as expected. Microsoft provides tenant administrators with the ability to perform a DSR to export specific system-generated logs. Only tenant administrators can export system-generated logs. The following example shows what information in a system-generated log export might look like in JSON format:

[{
   "DateTime": "2025-02-28T12:09:29-07:00",
   "AppName": "SharePoint",
   "Action": "OpenFile",
   "IP": " ",
   "DevicePlatform": "Windows"
}]

Most system-generated logs data contain pseudonymous identifiers generated by Microsoft. Although this data can't be attributed to a specific data subject without the use of additional information, some of it may be deemed personal under GDPR's definition for "personal data." Examples of system-generated logs that may contain personal data include:

Product and service usage data such as user activity logs
Data specifically generated by the interaction of users with other systems

System-generated logs for specific products

For more information about client-related and service-related diagnostic data for Microsoft 365 apps and services (such as Word, PowerPoint, Excel, and Microsoft 365 Copilot), see Understanding Microsoft 365 diagnostic events in exported data.

For more information about system-generated logs collected by Visual Studio, see System-generated logs collected by Visual Studio.

Responding to DSRs for specific products

For information for tenant admins about how to respond to DSRs for specific products, see the following articles: