Office 365 Admin Portal Logs

We are evaluating Office 365 and doing a POC with the product. We are starting with Visio for our test case. I want to know if there is a way to extract the logs from this portal into my Logrhythm SIEM. I have not found anything that describes how to do this.

This thread is locked. You can vote as helpful, but you cannot reply or subscribe to this thread.

Replies (2)

Kerwin Yang

Hi Gene,

To extract the logs from the Office 365 Admin portal, the results will be placed in the csv files. We can go to https://protection.office.com, navigate to Search & investigation->Audit log search, search the related logs and export the results:
Search the audit log in the Office 365 Security & Compliance Center

Thanks for your understanding.

Kerwin

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

Gene Shapiro

I as looking for a way to use the API to get this data into my SIEM. I think I have found some documentation that explains it on Logrhythms site and it references Microsoft documents. This is my first time doing anything like this in the cloud and at this point does not appear to be very straightforward. But I will soldier on and get it working.

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

Question Info

Last updated October 1, 2021 Views 1,150 Applies to:

Office 365 Admin Portal Logs

Replies (2) 

Question Info

Replies (2)