Removing a bunch of recently added users to a group based on audit logs

I added a bunch of users to one of my groups by mistake and need to remove them. I know they were added in the last few weeks, so I figured using the audit logs to identify these would be the best approach.

When users are added to a group the “Add member to group” event is generated. So I can use the following to get all such events:

I don’t want every single group, just mine.

An example entry from the output of the above looks like this:

The TargetResources have the info we need.

So I must filter for the group by its Id.

And then to get just the user Ids I can do:

And finally, to remove these users:

That’s it!