Microsoft 365 connector for Microsoft Sentinel
The Microsoft 365 (formerly, Office 365) activity log connector provides insight into ongoing user activities. You will get details of operations such as file downloads, access requests sent, changes to group events, set-mailbox and details of the user who performed the actions. By connecting Microsoft 365 logs into Microsoft Sentinel you can use this data to view dashboards, create custom alerts, and improve your investigation process. For more information, see the Microsoft Sentinel documentation.
Connector attributes
| Connector attribute | Description |
|---|---|
| Log Analytics table(s) | OfficeActivity (SharePoint) OfficeActivity (Exchange) OfficeActivity (Teams) |
| Data collection rules support | Not currently supported |
| Supported by | Microsoft Corporation |
Next steps
For more information, go to the related solution in the Azure Marketplace.