填充Microsoft安全图. [英] Populate Microsoft Security Graph.
问题描述
我不确定这是否是解决此问题的合适地点,但我找不到更合适的东西.
Hi, I am not sure this is the right place for this question, but I couldn't find something more fitting.
我目前正在使用Micorosoft Security Graph,并尝试使用一些安全警报来填充我的图形.我想知道是否有办法通过Azure监视的自定义警报来做到这一点,或者是否有办法可视化(重复)失败 在图中登录.
I am currently working with Micorosoft Security Graph, and trying to populate my graph with some security alerts. I was wondering if there was a way to do so via the custom alerts of Azure Monitoring, or if there was a way to visualize (repeated) failed sign-ins in the graph.
感谢您的支持,
西蒙.
推荐答案
如果希望获取登录报告,则可以使用Azure Active Directory报表API,该API提供对以下内容的编程访问通过基于REST的API和Microsoft Graph API beta端点进行数据 获取 从Azure Active Directory报表API 开始, 登录资源类型以获取详细信息.
If you are looking to get the signs-in report then you can use the Azure Active Directory Reporting API which provides programmatic access to data through REST-based APIs and Microsoft Graph API beta endpoint https://graph.microsoft.com/beta/auditLogs/signIns provides the user sign-in reports. You can filter the sign-ins report on "Failure" status to get failed sign-in activities. Also, to get access to the reporting data you need have any of these roles assigned- Security Reader, Security Administrator, Global Adminstrator. Please refer to Get started with the Azure Active Directory reporting API, Azure AD Reporting API Prerequisites ,signIn resource type for details.
这篇关于填充Microsoft安全图.的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!