[vc_row][vc_column][vc_column_text]What is Azure Sentinel:
https://www.youtube.com/watch?v=XXZp6LQZSJU
How do you connect Office 365 to Azure Sentinel? By connecting Office 365 to Azure Sentinel you can view all events in a single console.
From your Azure Sentinel Dashboard, click on Data connectors
[/vc_column_text][vc_single_image media=”84354″ media_width_percent=”100″][vc_column_text]From the data connectors overview page click on Office 365.[/vc_column_text][vc_single_image media=”84355″ media_width_percent=”100″][vc_column_text]From the connector page, you will see the following configuration settings.[/vc_column_text][vc_single_image media=”84356″ media_width_percent=”100″][vc_column_text]Expand Configuration and click on “click here to install solution”[/vc_column_text][vc_single_image media=”84357″ media_width_percent=”100″][vc_column_text]The solution will install, to continue expand connect tenant to Azure Sentinal.
Click on +Add tenant you will be prompted for your Global Admin credentials.[/vc_column_text][vc_single_image media=”84358″ media_width_percent=”100″][vc_column_text]Login with your administrator credentials.[/vc_column_text][vc_single_image media=”84359″ media_width_percent=”100″][vc_column_text]Once you have provided your login credentials, you will be promoted to accept the permission request for your Office 365 organisation. Azure Sentinal will read health and activity data from your organisation.[/vc_column_text][vc_single_image media=”84360″ media_width_percent=”100″][vc_single_image media=”84361″ media_width_percent=”100″][vc_single_image media=”84362″ media_width_percent=”100″][vc_single_image media=”84363″ media_width_percent=”100″][vc_column_text]Now that your Microsoft 365 organisation has been added to your Azure Sentinal, expand stream Office 365 activity logs. Click on select to select which logs you want to view in sentinel.[/vc_column_text][vc_single_image media=”84364″ media_width_percent=”100″][vc_column_text]Select Exchange and Sharepoint.[/vc_column_text][vc_single_image media=”84365″ media_width_percent=”100″][vc_column_text]Then click apply changes at the bottom[/vc_column_text][vc_single_image media=”84366″ media_width_percent=”100″][vc_column_text]On the Next section you need to select which dashboard you want to install.
Click on “Recommended dashboards” and click on Exchange Online.[/vc_column_text][vc_single_image media=”84367″ media_width_percent=”100″][vc_column_text]On the left-hand sider click on install.[/vc_column_text][vc_single_image media=”84368″ media_width_percent=”100″][vc_column_text]Do the same for Office 365 Dashboard.[/vc_column_text][vc_single_image media=”84369″ media_width_percent=”100″][vc_column_text]To view the newly installed dashboard, from the Azure Sentinel Home Dashboard click on Dashboards.[/vc_column_text][vc_single_image media=”84370″ media_width_percent=”100″][vc_column_text]Then select the dashboard you want view. In this example I will select Office 365 Dashboard and then click on “view dashboard” from the right-hand slider.[/vc_column_text][vc_single_image media=”84371″ media_width_percent=”100″][vc_column_text]From the Office 365 Dashabord, you can view the following:
- Activity by workload
- Admin Activity by Type
- Update, Create and delete activities
- Group activities
These are just some of the activities you can view from the Office 365 Dashboard in Azure Sentinel.[/vc_column_text][/vc_column][/vc_row]