
Yara rule help

  • December 3, 2024
  • 1 reply
  • 7 views

rahul7514

Hi 

Can someone tell me the difference between logs received from Azure AD and Office 365 Azure AD logs?

So if there is a login failure to Outlook or any other O365 app, will that event be seen in both Azure AD and Office 365 Azure AD logs?

1 reply

jstoner
Staff
  • December 3, 2024

What I've observed when working on users who are in the Entra ID environment and have O365 accounts is that you have the ability to get Azure Sign-In events and O365 login events that will both cover successful and failed logins. If you are doing non-interactive sign-in logs, i.e. refresh tokens, you would see that in Azure Activity data.

If we draw a Venn diagram, there is a decent amount of overlap between O365 and Azure data in some regards, and sign-in is one of them. That said, I believe they have different internal SLAs on delivery within MS, and all things being equal, I would try to have both for good coverage in case of an outage from one or the other. If I could only choose one, I'd probably go with O365.