matanolabs / matano

Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS
https://matano.dev
Apache License 2.0

Managed log source for Microsoft Graph #75

Open Samrose-Ahmed opened 1 year ago

Samrose-Ahmed commented 1 year ago

Overview

Microsoft Graph is a unified API for access to many relevant Microsoft/Azure logs & resources.

Puller

The advantage of Microsoft Graph is we can implement a largely unified poller, and only have to define transforms/schemas for each source within the Graph API.

Tables

Relevant tables to target: