Forum Discussion
Advance Message Trace, Device Email Client
I have an Office 365 user who has somehow sent 500+ emails with a onedrive link to some shady stuff. Of course, he hasn't done this, but something has. 1. something has sent 500+ emails with sha...
Hi!
See article
https://docs.microsoft.com/en-us/office365/securitycompliance/detailed-properties-in-the-office-365-audit-log
Look at properties Client and ClientInfoString
You should be able to get the information out of Azure AD too through the sign in report
https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/concept-sign-ins
Hope that answers your question!
Best, Chris
See article
https://docs.microsoft.com/en-us/office365/securitycompliance/detailed-properties-in-the-office-365-audit-log
Look at properties Client and ClientInfoString
You should be able to get the information out of Azure AD too through the sign in report
https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/concept-sign-ins
Hope that answers your question!
Best, Chris
Regarding Azure AD, it says: The sign-ins report only displays the interactive sign-ins, that is, sign-ins where a user manually signs in using their username and password. Non-interactive sign-ins, such as service-to-service authentication, are not displayed in the sign-ins report.