Quarantined emails with malware in Sentinel

%3CLINGO-SUB%20id%3D%22lingo-sub-1496068%22%20slang%3D%22en-US%22%3EQuarantined%20emails%20with%20malware%20in%20Sentinel%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1496068%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20%2C%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%60m%20struggling%20a%20bit%20to%20find%20a%20solution%20to%20see%20the%20Quarantied%20Emails%20with%20Malware%20in%20Sentinel%20.%26nbsp%3B%3C%2FP%3E%3CP%3EDo%20you%20guys%20have%20any%20ideea%20of%20a%20KQL%20Query%20or%20a%20built%20in%20connector%20to%20achieve%20this%20%3F%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%2C%3C%2FP%3E%3CP%3EAdrian%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
Occasional Contributor

Hi , 

 

I`m struggling a bit to find a solution to see the Quarantied Emails with Malware in Sentinel . 

Do you guys have any ideea of a KQL Query or a built in connector to achieve this ? 

 

Thanks,

Adrian 

1 Reply

@brunhuber : I assume you mean Office 365 security center alerts on malicious e-mails. On Office 365 SCC connector is on its way.