SOLVED

Report Azure AD Malware Detections

Occasional Contributor

Hello together

 

I need to get the the report from Azure AD Malware Detections
The following link shows this in the Admin Center
https://protection.office.com/reportv2?id=MalwareDetections&pivot=Direction

 

Is there a way to do this from within PowerShell (as it's part of a reporting "Suite") to be able exporting it to CSV/Excel in an easier way?
Can this be achieved using the Graph API Module for PowerShell?

 

Thank you for your Help and best regards

 

Thomas

3 Replies

@TechThomas You can have a look at the Get-MailDetailATPReport cmdlet for this.

best response confirmed by TechThomas (Occasional Contributor)
Solution
Thank you for your fast response and for the pointer

the correct cmdlet for this is Get-MailTrafficATPReport.
If you type the cmdlet Get-MailTrafficATPReport with start and end date, you see all "Verdict Source" types (phish / notspam / Allow / Malware / ...)
you have to make sure that the "Verdict Source" is labeled with malware.
I checked it in admin center and compared the output with "Verdict Source" malware. this matched :)
Ah yes. Lost in cmdlet names. They all look so similar :face_with_tears_of_joy: