Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community

List of all event_class_id types - CAS-SIEM Integration.

Deleted
Not applicable

Hi everyone

 

I have been using Cloud App Security for a few months now and overall I have found it very useful. It gives a very good level of visibility into O365 and the Alerting is useful too.  Good work - thank you.

 

I do find it difficult to find the correct MS documentation though.  Is there a list of all the EVENT_CATEGORY_* types?  E.g. EVENT_CATEGORY_LOGIN, EVENT_CATEGORY_UPDATE_USER, EVENT_CATEGORY_SET_FORWARDING_MAILBOX etc.

 

Thanks for reading, regards

 

1 Reply

Hi Jagdip,

The categories correspond to the categories you can find under the Activity Type filter.

There isnt a written list as its constantly updating and changing.

 

Regards,

Dima.