Microsoft 365 provides several built-in roles and allows for the creation of custom role types. See official list here: Advanced Audit Licensing Requires any of the additional licenses outlined below:.Creation of log polices up to 10 years (additional cost).Requires one of the following licenses below:.Microsoft 365 provides two levels of auditing everyone should be familiar with and the licensing requirements for each. Details on collecting data from Azure Active Directory will be provided in a follow-on blog. While Azure Active Directory data is represented in the Unified Audit Log data, additional details can be found the Azure Active Directory Sign-in and Audit Logs. Get-AdminAuditLogConfig | FL UnifiedAuditLogIngestionEnabled. Over the years, security teams have gained a deeper understanding of Microsoft 365 and Microsoft has continued to add additional auditing to the platform.įor this blog series we will focus on 6 key areas:Īuditing is now enabled by default in Microsoft 36 5, however, each organization should verify their auditing is enabled by running the following command: Microsoft 365 is a highly targeted resource that is rich with organizational data stored in Office 365, SharePoint, Teams, and other Microsoft 365 components. My goal is to help security teams better understand each method and the limits. Microsoft is good at updating doc pages and providing information, unfortunately, the answers can be spread across several different sites in various locations. Which bring me to this multi part series on how to hunt Microsoft 365 data. To my surprise, I couldn’t find a colleague that had a consolidated set of information. I was recently asked to deliver a session around hunting Microsoft 365 logs to help an organization determine the various methods and limits to each. This seemed like an easy ask and I was sure someone already put together content. Discovering Microsoft 365 Logs within your Organization
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |