matanolabs / matano

Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS
https://matano.dev
Apache License 2.0

Managed log source for Azure AD Audit logs #92

Closed Samrose-Ahmed closed 1 year ago

Samrose-Ahmed commented 1 year ago

Overview

Audit logs (directory audits) are one of the Azure AD activity logs and are a comprehensive report on every logged event in Azure AD, including changes to applications, groups, users, and licenses.

The API is available through Microsoft Graph.

Notes