cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

URL Clic API for MDO ?

jeffazure
Copper Contributor

‎Sep 09 2021 10:57 PM

‎Sep 09 2021 10:57 PM

URL Clic API for MDO ?

Hello everyone,
TL;DR : is it a MDO SafeLinks API, or a Microsoft 365 Defender where we can check whether a URL has been clicked or not?

I'm a security officer, working with Azure sentinel and logic apps. I frequently receive security incidents where I have to investigate if users accessed bad URLs.
I want too automate this a bit and set up a logic app for that.
Do you know if there is any documentation on this (and if this feature is available)?
807 Views
0 Likes
3 Replies
Reply
3 Replies
pvanberlo

‎Sep 09 2021 11:50 PM

‎Sep 09 2021 11:50 PM

Re: URL Clic API for MDO ?

@jeffazure Unfortunately I do not believe there is an API for this. For Microsoft Defender for Office 365's SafeLinks functionality, there is however a PowerShell cmdlet in the Exchange Online module. It's called Get-UrlTrace and can be used to determine who clicked on a URL.

0 Likes
Reply
Saravananvelu

‎Mar 19 2024 03:55 AM

‎Mar 19 2024 03:55 AM

Re: URL Clic API for MDO ?

@pvanberlo is there an API available for submitting an email sample via automation and retrieving the analysis results?

0 Likes
Reply
Joe Stocker

‎Mar 30 2024 12:23 PM

‎Mar 30 2024 12:23 PM

Re: URL Clic API for MDO ?

No need for an API. The Microsoft Defender XDR Connector Inside Sentinel will pull in the UrlClickEvents table inside Sentinel, so you can create an Analytic Rule to query the UrlClickEvents table.
0 Likes
Reply