填充Microsoft安全图. [英] Populate Microsoft Security Graph.

问题描述

我不确定这是否是解决此问题的合适地点，但我找不到更合适的东西.

Hi, I am not sure this is the right place for this question, but I couldn't find something more fitting.

我目前正在使用Micorosoft Security Graph，并尝试使用一些安全警报来填充我的图形.我想知道是否有办法通过Azure监视的自定义警报来做到这一点，或者是否有办法可视化(重复)失败 在图中登录.

I am currently working with Micorosoft Security Graph, and trying to populate my graph with some security alerts. I was wondering if there was a way to do so via the custom alerts of Azure Monitoring, or if there was a way to visualize (repeated) failed sign-ins in the graph.

感谢您的支持，

西蒙.

推荐答案

如果希望获取登录报告，则可以使用Azure Active Directory报表API，该API提供对以下内容的编程访问通过基于REST的API和Microsoft Graph API beta端点进行数据 获取 从Azure Active Directory报表API 开始， 登录资源类型以获取详细信息.

If you are looking to get the signs-in report then you can use the Azure Active Directory Reporting API which provides programmatic access to data through REST-based APIs and Microsoft Graph API beta endpoint https://graph.microsoft.com/beta/auditLogs/signIns provides the user sign-in reports.   You can filter the sign-ins report on "Failure" status to get failed sign-in activities.  Also, to get access to the reporting data you need have any of these roles assigned- Security Reader, Security Administrator, Global Adminstrator.  Please refer to Get started with the Azure Active Directory reporting API, Azure AD Reporting API Prerequisites ,signIn resource type for details.

这篇关于填充Microsoft安全图.的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！