diff --git a/tools/config/ala-azure-ad_auditlogs.yml b/tools/config/ala-azure-ad_auditlogs.yml
new file mode 100644
index 000000000..18f16dfad
--- /dev/null
+++ b/tools/config/ala-azure-ad_auditlogs.yml
@@ -0,0 +1,11 @@
+title: Azure AD Audit Logs mapping for Azure Log Analytics
+order: 20
+backends:
+ - ala
+ - ala-rule
+fieldmappings:
+ category: Category
+ activityDisplayName: OperationName
+ loggedByService: LoggedByService
+ result: Result
+ initiatedBy.user.userPrincipalName: initiatedBy.user.userPrincipalName
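Review bot: The `fieldmappings` block has no accompanying `logsources` section, so as far as I can tell these renames apply to every rule converted with the `ala`/`ala-rule` backends, not only Azure AD audit log rules; generic field names such as `category` and `result` would then be rewritten to `Category`/`Result` in unrelated rules and silently change what those detections query. A `logsources` entry restricting the mapping to the Azure AD audit log product/service would scope it correctly. The last mapping, `initiatedBy.user.userPrincipalName: initiatedBy.user.userPrincipalName`, maps a field to itself, which either does nothing or hides the intent that the initiating principal lives inside the dynamic `InitiatedBy` column of the Log Analytics `AuditLogs` table and needs a nested accessor in the generated query; a comment stating which table and column each mapping targets, e.g. `# AuditLogs table: activityDisplayName -> OperationName`, would make the mapping reviewable. The meaning of `order: 20` relative to the other config files is also undocumented.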