Blog Post

Microsoft Security Blog
1 MIN READ

SIEM connector now available for Office 365 Advanced Security Management

Anthony Smith (A.J.)'s avatar
Jun 05, 2017

A year ago we announced a way for you to get greater visibility and control over Office 365 with Advanced Security Management (ASM).  Since then we have added new features to help you better determine shadow IT activity, and we’ve enhanced control over 3rd party apps connected to Office 365.  We have also heard a lot of feedback on what else you want in ASM and today we are excited to announce that the ability to have centralized monitoring of ASM alerts with your SIEM is now available. Integrating with a SIEM service allows you to better protect Office 365 while maintaining your organization’s security workflow, automating security procedures and correlating between your cloud-based and on-premises events.  To learn how to setup the ASM SIEM connector please reference the documentation here.

 

Updated May 11, 2021
Version 4.0
  • ASOU AMINNEZHAD's avatar
    ASOU AMINNEZHAD
    Copper Contributor

    Hi
    i would like to know if by integrating O365 to siem  solution, there is a way to choose which logs to be pushed to siem ( means not pushing all  logs).

     

    Another question,  for email investigation recipient and sender email address  and  email title would be in the   logs,  is there any way to exclude few emails in company form being in the log?

     

    Thanks

     

     

  • Ah well, just wrapped up a post saying the SIEM connector is coming soon :)

     

    Can you share some more on the ASM roadmap and maybe provide us with a separate changelog? Every time I check the CAS changelog I get more and more by the number of features that havent made it to ASM. Files actions for example, intergration with AIP/RMS, heck even Team events are not being processed yet...