How can we integrate Microsoft Defender for O365 with Chronicle SIEM ?
Is it using Microsoft Graph Alert (Third Party API) ?
https://cloud.google.com/chronicle/docs/preview/siem-integrations/microsoft-graph-alert.
How can we integrate Microsoft Defender for O365 with Chronicle SIEM ?
+22I’ve played with it previously but not recently. At one point it was outputting alerts via the graph api alert. This would be set up via feed management like other o365 and entra id logging
+7- Bronze 5
@jstoner Thank you. However is it possible to get a confirmation as we do not test environment to cross verify it?
+3- Bronze 1
@jstoner Thank you. However is it possible to get a confirmation as we do not test environment to cross verify it?
Agree- The documentation could be much better around the M365 integrations.
https://cloud.google.com/chronicle/docs/ingestion/default-parsers/collect-microsoft365
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.