Adding Activity types from O365

%3CLINGO-SUB%20id%3D%22lingo-sub-1005884%22%20slang%3D%22en-US%22%3EAdding%20Activity%20types%20from%20O365%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1005884%22%20slang%3D%22en-US%22%3E%3CP%3EIs%20there%20any%20way%20to%20add%20more%20O365%20Apps%20and%2For%20activity%20types%3F%20There%20are%20many%20types%20of%20O365%20Admin%20events%20that%20are%20not%20available%20in%20the%20Activity%20Log%20in%20MCAS.%20I%20am%20specifically%20thinking%20of%20activities%20in%20the%20Security%20Center%20and%20Compliance%20Center.%20Being%20able%20to%20monitor%20administrative%20changes%20in%20those%20centers%20would%20be%20helpful.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1005884%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3ECloud%20App%20Security%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1078670%22%20slang%3D%22en-US%22%3ERe%3A%20Adding%20Activity%20types%20from%20O365%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1078670%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20Dean%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3Ewould%20you%20be%20able%20to%20share%20more%20on%20what%20exact%20activities%20you%20are%20looking%20for%3F%3C%2FP%3E%0A%3CP%3EAs%20of%20now%2C%20you%20can%20filter%20admin%20activities%20using%20the%20%22Activity%20Admin%22%20filter.%26nbsp%3B%3C%2FP%3E%0A%3CP%3EHope%20this%20helps.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1082375%22%20slang%3D%22en-US%22%3ERe%3A%20Adding%20Activity%20types%20from%20O365%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1082375%22%20slang%3D%22en-US%22%3EChanges%20to%20Labels%20(Sensitivity%20and%20Retention)%2C%20changes%20to%20Policies%2C%20changes%20to%20Permissions%20in%20both%20centers%2C%20basically%20any%20item%20that%20could%20be%20configured%20as%20part%20of%20an%20organizations%20baselined%20security%20or%20compliance%20policy%20should%20be%20monitored%20and%20changes%20to%20it%20eligible%20for%20generating%20an%20alert%3C%2FLINGO-BODY%3E
Highlighted
Respected Contributor

Is there any way to add more O365 Apps and/or activity types? There are many types of O365 Admin events that are not available in the Activity Log in MCAS. I am specifically thinking of activities in the Security Center and Compliance Center. Being able to monitor administrative changes in those centers would be helpful.

2 Replies
Highlighted

Hi Dean,

 

would you be able to share more on what exact activities you are looking for?

As of now, you can filter admin activities using the "Activity Admin" filter. 

Hope this helps.

Highlighted
Changes to Labels (Sensitivity and Retention), changes to Policies, changes to Permissions in both centers, basically any item that could be configured as part of an organizations baselined security or compliance policy should be monitored and changes to it eligible for generating an alert