SOLVED

Report Azure AD Malware Detections

%3CLINGO-SUB%20id%3D%22lingo-sub-2682733%22%20slang%3D%22en-US%22%3EReport%20Azure%20AD%20Malware%20Detections%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2682733%22%20slang%3D%22en-US%22%3E%3CP%3EHello%20together%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20need%20to%20get%20the%20the%20report%20from%20Azure%20AD%20Malware%20Detections%3CBR%20%2F%3EThe%20following%20link%20shows%20this%20in%20the%20Admin%20Center%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Fprotection.office.com%2Freportv2%3Fid%3DMalwareDetections%26amp%3Bpivot%3DDirection%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fprotection.office.com%2Freportv2%3Fid%3DMalwareDetections%26amp%3Bpivot%3DDirection%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIs%20there%20a%20way%20to%20do%20this%20from%20within%20PowerShell%20(as%20it's%20part%20of%20a%20reporting%20%22Suite%22)%20to%20be%20able%20exporting%20it%20to%20CSV%2FExcel%20in%20an%20easier%20way%3F%3CBR%20%2F%3ECan%20this%20be%20achieved%20using%20the%20Graph%20API%20Module%20for%20PowerShell%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThank%20you%20for%20your%20Help%20and%20best%20regards%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThomas%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2683083%22%20slang%3D%22en-US%22%3ERe%3A%20Report%20Azure%20AD%20Malware%20Detections%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2683083%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1136180%22%20target%3D%22_blank%22%3E%40TechThomas%3C%2FA%3E%26nbsp%3BYou%20can%20have%20a%20look%20at%20the%20Get-%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fpowershell%2Fmodule%2Fexchange%2Fget-maildetailatpreport%3Fview%3Dexchange-ps%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EMailDetailATPReport%3C%2FA%3E%20cmdlet%20for%20this.%3C%2FP%3E%3C%2FLINGO-BODY%3E
Occasional Contributor

Hello together

 

I need to get the the report from Azure AD Malware Detections
The following link shows this in the Admin Center
https://protection.office.com/reportv2?id=MalwareDetections&pivot=Direction

 

Is there a way to do this from within PowerShell (as it's part of a reporting "Suite") to be able exporting it to CSV/Excel in an easier way?
Can this be achieved using the Graph API Module for PowerShell?

 

Thank you for your Help and best regards

 

Thomas

3 Replies

@TechThomas You can have a look at the Get-MailDetailATPReport cmdlet for this.

best response confirmed by TechThomas (Occasional Contributor)
Solution
Thank you for your fast response and for the pointer

the correct cmdlet for this is Get-MailTrafficATPReport.
If you type the cmdlet Get-MailTrafficATPReport with start and end date, you see all "Verdict Source" types (phish / notspam / Allow / Malware / ...)
you have to make sure that the "Verdict Source" is labeled with malware.
I checked it in admin center and compared the output with "Verdict Source" malware. this matched :)
Ah yes. Lost in cmdlet names. They all look so similar :face_with_tears_of_joy: