Oct 21 2019
- last edited on
May 24 2021
Does anyone know how to get data from the O365 Security and Compliance center report dashboards into Sentinel? specifically the Malware Detection data
Nov 13 2019 11:59 AM
Alerts are documented in the schema here. https://docs.microsoft.com/en-us/office/office-365-management-api/office-365-management-activity-api...
Looks like audit log has two entries for ThreatIntelligence
One for Exchange ATP, and one for Onedrive/SP/Teams ATP