Forum Discussion
Advanced Delivery - can't see URL clicks
We have used Advanced Delivery for a few phishing simulations and it is nice to have all the components in one place. We used to whitelist the URLs in Exchange so they were not blocked by ATP. Now th...
Hey, I am also working on getting the data of UrlClickedEvents. But I am unable to fetch the data
Is there any configuration for getting the data or can you please define the flow of getting this schema data
Thanks in advance!
Is there any configuration for getting the data or can you please define the flow of getting this schema data
Thanks in advance!
- What is the error when you try to fetch the data? I would recommend ensuring you have the proper AAD permissions assigned so you can see the data, and also review the article here (which has a sample query): https://learn.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-urlclickevents-table?view=o365-worldwide
With the proper permissions, the KQL query that is listed within this article is a good starting place for reviewing the "UrlClickEvents" data within the schema. Remember though, you will only have 30 days of data available as that is all that would be retained.- Error code while fetching data via Api is 401. I am using E5 trail account of office 365 and also i am unable to get the data via UI. Is there any other permissions i am unaware. Can you please walk through the permissions needed.
Also I think when any malware url is clicked in the specified email then this schema is invoked. So, tried it too but unable to fetch it.
