Version:

Microsoft 365/Office365

Microsoft 365/Office365 fetches and analyzes logs from Microsoft 365 Management APIs.

You can configure Microsoft 365/Office365 from Log Sources or Devices. We recommend you configure it from log source as it provdes a centralized user interface for all the configurations.

It fetches logs from:

  • Azure Active Directory

  • SharePoint

  • OneDrive

  • Exchange

  • Microsoft Teams

  • Skype For Business

  • Security Compliance Center

Microsoft 365/Office365 Components

  1. Fetcher

    • Office365 Fetcher

  2. Compiled Normalizer

    • Office365CompiledNormalizer

  3. Normalization Package

    • LP_O365 Exchange MT

  4. Alert Packages

    • LP_Office365 Security and Compliance Alert related to Access Governance

    • LP_Office365 Security and Compliance Alert related to Data Governance

    • LP_Office365 Security and Compliance Alert related to Data Loss Prevention

    • LP_Office365 Security and Compliance Alert related to Mail Flow

    • LP_Office365 Security and Compliance Alert related to Other Category

    • LP_Office365 Security and Compliance Alert related to Threat Management

    • LP_Office365 User Added to Azure Group

  5. Dashboard Packages

    • LP_Office365 Security and Compliance Alerts

    • LP_Office365 Azure AD Login Activities

    • LP_Office365 Azure AD User Account Management

    • LP_Office365 Exchange Overview

    • LP_Office365 OneDrive Anonymous Link Activities

    • LP_Office365 OneDrive File Activities

    • LP_Office365 OneDrive Folder Activities

    • LP_Office365 OneDrive Overview

    • LP_Office365 Operations by File Category

    • LP_Office365 Overview

    • LP_Office365 SharePoint File Activities

    • LP_Office365 SharePoint Folder Activities

    • LP_Office365 SharePoint Overview

  6. Report Packages

    • LP_Office365 Exchange Overview

    • LP_Office365 Azure AD User Account Management

    • LP_Office365 OneDrive Anonymous Link Activities

    • LP_Office365 OneDrive Overview

    • LP_Office365 SharePoint Folder Activities

    • LP_Office365 OneDrive File Activities

    • LP_Office365 SharePoint File Activities

    • LP_Office365 Azure AD Login Activities

    • LP_Office365 Overview

    • LP_Office365 OneDrive Folder Activities

    • LP_Office365 Operations by File Category

    • LP_Office365 SharePoint Overview

  7. KB List

    • Executables

  8. Search Template

    • LP_Office365

Helpful?

We are glad this guide helped.


Please don't include any personal information in your comment

Contact Support