Microsoft Graph
Microsoft Graph is a Universal REST API-based log source template that enables you to fetch and analyze logs from Microsoft Graph.
Package Details
Microsoft Graph API consists of the following components:
- Universal REST API Fetcher
  - MicrosoftGraphFetcher
- Compiled Normalizer
  - MicrosoftGraphCompiledNormalizer
- Search Templates
  - Entra ID Identity Protection
  - Defender XDR Security
- Dashboards
  - LP_DEFENDER XDR ALERTS
  - LP_DEFENDER XDR INCIDENTS
  - LP_ENTRA ID IDENTITY PROTECTION
- Alerts
  - LP_Microsoft Defender XDR - High Severity Alert
  - LP_Microsoft Defender XDR - Host Generating Multiple Alerts
  - LP_Microsoft Defender XDR - Multiple Alerts Involving Same User
  - LP_Microsoft EntraID - User at Risk
  - LP_Potentially Unwanted Software Detected
- Report Template
  - Entra ID Audit Activity Monitoring
Bug Fix
Description | Issue Id | Reference Id |
MicrosoftGraph Compiled Normalizer didn't normalize logs forwarded via Syslog Forwarder, resulting in missed logs and alerts. | PLUG-15724 | 86733 |
Past Releases
Microsoft Graph v5.3.0
Enhancements
Description | Issue Id | Reference Id |
MicrosoftGraphCompiledNormalizer is updated to map the following Microsoft Graph fields to the Logpoint fields. | PLUG-12017 | 84875 |
Microsoft Graph v5.2.0
Enhancements
Description | Issue Id | Reference Id |
Microsoft Graph now includes two new endpoints: for collecting logs from Microsoft Entra ID, previously Azure Active Directory. To learn more, go to Microsoft Graph. | KB-25090 | - |
Microsoft Graph now includes Dashboards, Search Templates, Alerts, and a Report Template, providing deeper insights into Microsoft Graph activities and security events. To learn more, go to Microsoft Graph Analytics. | KB-25090, KB-24409, KB-23895, KB-24519 | - |
Microsoft Graph v5.1.0
Support
If you have any questions or require assistance, create a support ticket.