Hello, I don't think there is a quick and straightforward way to enable collection of all M365/O365 logs to Azure Log Analytics, especially since there are many types of logs to consider. Also, Log Analytics is primarily designed to work with telemetry from Azure resources. I would recommend you read this blog post at TechCommunity. It gives a good overview of what types of logs can be collected and how. The article focuses on security areas and threat hunting, but it is still useful.
Enable log analytics in office 365 teanant.
I have 2 tenants , one office 365 tenant and one azure tenant. I want to enable log analytics in office 365 tenant with the same subscription of Azure.
Azure Monitor
2 answers
Sort by: Most helpful
-
-
Maxim Sergeev 6,586 Reputation points Microsoft Employee
2023-04-07T00:13:30.2233333+00:00 Hi there, For Office365 logs, there is only one option as out-of-the-box solution - https://learn.microsoft.com/en-us/azure/sentinel/data-connectors/office-365 It requires to have Sentinel (which is actually using Log Analytics as a main data source). But keep in mind, Sentinel costs are higher than a standalone LA.
Additionally to that, there are additional logs from AAD tenant, https://learn.microsoft.com/en-us/azure/active-directory/reports-monitoring/howto-integrate-activity-logs-with-log-analytics probably this is enough to have.