Hey,
On the alerts page can you customise the columns to show the alert ID, you can then add the alert ID to the URI, for example:
https://graph.microsoft.com/beta/security/alerts_v2/{alert-id}
Please can you advise on the results?
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Hi!
I'm trying to fetch related activity data for a security alert of category data loss prevention.
For example:
https://graph.microsoft.com/v1.0/security/alerts_v2?$filter=serviceSource in ('microsoftDataLossPrevention')&$orderby=createdDateTime desc
Hey,
On the alerts page can you customise the columns to show the alert ID, you can then add the alert ID to the URI, for example:
https://graph.microsoft.com/beta/security/alerts_v2/{alert-id}
Please can you advise on the results?
Hi,
In my experience, Microsoft 365 Defender advance hunting API function - CloudAppEvents can show the user activities.
Graph API advance hunting should be the same.
Hope it helps you.
Ref: