Input Sources Supported by Microsoft Graph Security API

Microsoft

As the currently supported providers are mainly Azure products and some 3rd-party products like Palo Alto, I wanted to know: do we have any custom way, something like JSON or alerts from Kusto, that can be used to ingest alerts into the Graph Security API and further create workflows on them?

1 Reply

Basically, the Microsoft Graph Security API is a REST API that federates requests to the different security products running in your tenant, aggregates the responses, and returns the output in JSON format that can then be sent to Kusto. The value here is aggregating data from multiple disparate security products and providing the results in a unified schema. Basically, you send input (OData) queries to the API to talk to security products like Azure Security Center, Microsoft Defender ATP, Office 365 ATP, etc. Details are here, which provides an overview of the API followed by the alerts schema. The API connects with alert sources (security products), not databases like Kusto.
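To make the reply above concrete, here is an added example (not part of the original thread and not Microsoft's own code) of the two halves of the flow it describes: building an OData `$filter` query against the `/security/alerts` endpoint, and flattening the unified alert schema that comes back so that every provider's alerts land as the same rows for Kusto ingestion. The HTTP call and authentication are left out so that the script runs offline; `SAMPLE_PAGE` is a constructed response in the documented alert schema, and the provider strings in it are illustrative values, not ones verified against a real tenant.

```python
"""Build a Graph Security API alerts query and normalise the unified alert schema.

Added example. The Graph call itself (bearer token, GET, following @odata.nextLink)
is not shown; SAMPLE_PAGE stands in for one page of the real response.
"""
import json
from urllib.parse import quote

GRAPH_ALERTS_URL = "https://graph.microsoft.com/v1.0/security/alerts"

# alertSeverity enum values from the Graph alert schema
ALERT_SEVERITIES = {"unknown", "informational", "low", "medium", "high"}


def build_alerts_query(severities=("high", "medium"), providers=(), top=50):
    """Return the alerts URL with an OData $filter for the given severities and providers.

    The values are interpolated into the filter string, so they are validated first:
    severities against the schema enum, providers rejected if they contain a quote.
    Without this, a caller-supplied string could rewrite the filter (OData injection).
    """
    unknown = set(severities) - ALERT_SEVERITIES
    if unknown:
        raise ValueError(f"unknown severity values: {sorted(unknown)}")
    for provider in providers:
        if "'" in provider:
            raise ValueError(f"invalid provider name: {provider!r}")

    clauses = ["(" + " or ".join(f"severity eq '{s}'" for s in severities) + ")"]
    if providers:
        clauses.append(
            "(" + " or ".join(f"vendorInformation/provider eq '{p}'" for p in providers) + ")"
        )
    filt = " and ".join(clauses)
    # quote() percent-encodes spaces, quotes and parentheses; the $-prefixed
    # OData parameter names are left as-is.
    return f"{GRAPH_ALERTS_URL}?$filter={quote(filt)}&$orderby=createdDateTime%20desc&$top={int(top)}"


def flatten_alerts(page):
    """Turn one page of the /security/alerts response into flat rows.

    Every provider's alert arrives in the same schema, so one flattening serves
    ASC, Defender ATP, Office 365 ATP and third-party providers alike.
    Returns (rows, next_link); next_link is the @odata.nextLink to fetch next,
    or None on the last page.
    """
    rows = []
    for alert in page.get("value", []):
        vendor = alert.get("vendorInformation") or {}
        hosts = alert.get("hostStates") or []
        users = alert.get("userStates") or []
        rows.append({
            "AlertId": alert.get("id"),
            "CreatedDateTime": alert.get("createdDateTime"),
            "Provider": vendor.get("provider"),
            "Vendor": vendor.get("vendor"),
            "Severity": (alert.get("severity") or "unknown").lower(),
            "Status": alert.get("status"),
            "Category": alert.get("category"),
            "Title": alert.get("title"),
            # hostStates/userStates are arrays; join them so one alert stays one row
            "Hosts": ";".join(h.get("fqdn") or h.get("netBiosName") or "" for h in hosts),
            "Users": ";".join(u.get("userPrincipalName") or u.get("accountName") or "" for u in users),
        })
    return rows, page.get("@odata.nextLink")


def to_multijson(rows):
    """Serialise rows as newline-delimited JSON, the 'multijson' format Kusto ingests."""
    return "\n".join(json.dumps(r, sort_keys=True) for r in rows) + ("\n" if rows else "")


# Constructed sample page in the Graph alert schema (not data from a real tenant).
SAMPLE_PAGE = {
    "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#Security/alerts",
    "@odata.nextLink": "https://graph.microsoft.com/v1.0/security/alerts?$skip=50",
    "value": [
        {
            "id": "alert-0001",
            "createdDateTime": "2020-01-15T10:00:00Z",
            "severity": "high",
            "status": "newAlert",
            "category": "Malware",
            "title": "Suspicious process executed",
            "vendorInformation": {"provider": "Windows Defender ATP", "vendor": "Microsoft"},
            "hostStates": [{"fqdn": "ws01.contoso.local", "privateIpAddress": "10.0.0.5"}],
            "userStates": [{"userPrincipalName": "alice@contoso.com"}],
        },
        {
            "id": "alert-0002",
            "createdDateTime": "2020-01-15T09:30:00Z",
            "severity": "medium",
            "status": "inProgress",
            "category": "SuspiciousActivity",
            "title": "Outbound connection to known bad host",
            "vendorInformation": {"provider": "Palo Alto Networks", "vendor": "Palo Alto Networks"},
            "hostStates": [],
            "userStates": [{"accountName": "bob", "domainName": "CONTOSO"}],
        },
    ],
}


if __name__ == "__main__":
    print(build_alerts_query(providers=("Palo Alto Networks",)))
    rows, next_link = flatten_alerts(SAMPLE_PAGE)
    print(to_multijson(rows))
    print("next page:", next_link)
```

The direction matches the reply: the API is the source and Kusto is the sink. Alerts are pulled from the providers through Graph, normalised once, and pushed into a Kusto table; nothing here feeds Kusto data back into Graph.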