cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Alert policy - Add mailbox permission - No detailed alert.

SB V
Brass Contributor

‎Jun 28 2023 06:47 AM

‎Jun 28 2023 06:47 AM

Alert policy - Add mailbox permission - No detailed alert.

Hi Community, 

 

I've created Alert policy that whenever someone get mailbox permissions added it should be notified to the Global administrator and it works. However, the alert doesn't have the detailed report of which is the user mailbox and who was added for mailbox permissions etc. We've just got the below alert report.

 

How to get the detailed alert saying which is the user mailbox and who was added for mailbox permissions etc. Any help would be much appreciated. 

 

A high-severity alert has been triggered

Add Mailbox Permission policy

Severity: High

Time: 6/28/2023 1:45:00 PM (UTC)

Activity: AddMailboxPermission

User: email address removed for privacy reasons

Details: AddMailboxPermission. This alert is triggered whenever someone gets access to read your user's email.

See details in the Microsoft 365 Security Center. 

Labels:
434 Views
0 Likes
2 Replies
Reply
2 Replies
cventour

‎Jun 30 2023 11:44 PM

‎Jun 30 2023 11:44 PM

Re: Alert policy - Add mailbox permission - No detailed alert.

Which product was that alert policy created in ? Was it an advanced hunting Custom Detection or was it a policy in Defender for Cloud Apps ?
0 Likes
Reply
SB V

‎Jul 03 2023 06:25 AM - edited ‎Jul 05 2023 07:10 AM

‎Jul 03 2023 06:25 AM - edited ‎Jul 05 2023 07:10 AM

Re: Alert policy - Add mailbox permission - No detailed alert.

Thank you for the response. 

I've created the alert policy as detailed in this post and getting the alert as per the screenshot I attached in my initial ask,  https://learn.microsoft.com/en-us/answers/questions/242472/alert-when-someone-is-granted-full-access...

 

However, the challenge is the alert doesn't help to understand whose  mailbox was given full access permission and who takes full access permissions and all.

 

Getting just the alert notification but it doesn't say the above details. Please help which alert policy helps us giving the detailed report.

 

Thanks!

0 Likes
Reply