SIEM Office 365 Alerts

SIEM Office 365 Alerts

Sections on this page

SIEM Events

Office 365 Admin Commands Run By User
Office 365 Impossible Travel
Office 365 Login From Risky Anonymous IP Detected
Office 365 Mailbox Forwarding Rules Created

Update Alternate query - event_class_id:EVENT_CATEGORY_SET_FORWARDING_MAILBOX

Office 365 Mailbox Permissions Added By User
Office 365 Malware Detected In Email
Office 365 More Than 100 Messages Purged Per Day

Updated 10-7-20

Office 365 New Country Activity
Office 365 Suspicious Email Detected
Office 365 Users Added To Groups
Office 365 Users Granting 3rd Party Access
Office 365 Users Setting Company Information
Office 365 Activity Outside USA

Office 365 - Activity Outside USA updated event definition

Office 365 New User Created

Office 365 - New User Created

Office 365 Owner Added To Group

Office 365 - Owner Added to Group

AIS Managed SIEM

Last modified March 24, 2021