HomeWinBuzzer NewsMicrosoft Graph Introduces Activity Logs to Bolster Security Measures

Microsoft Graph Introduces Activity Logs to Bolster Security Measures

Microsoft Graph's new activity logs let admins track user actions, improving threat detection and security analysis across Microsoft services.

-

Microsoft has announced the general availability of the “activity logs” feature within Microsoft Graph, marking a significant enhancement in administrators’ ability to monitor user actions and potentially preempt security threats. The introduction of activity logs aims to provide a comprehensive view of HTTP requests made to the Microsoft Graph service within a tenant’s environment, as detailed in a recent post on the Microsoft Entra Blog.

Enhanced Security and Analysis Capabilities

The new feature is designed to serve as a crucial tool in the arsenal against malicious activities, enabling detailed security analysis, threat hunting, and the monitoring of application activity. Microsoft Graph, which aggregates organizational and user data across various Microsoft services such as Microsoft 365, Enterprise Mobility + Security, and Windows, previously allowed administrators access to sign-in and audit logs. With the addition of activity logs, administrators now have the ability to track a wider range of activities, from token requests during sign-in to API request activities—including reads, writes, and deletes—and ultimately, changes in audit logs.

Utilization and Integration

To leverage the activity logs feature, organizations must meet specific requirements outlined in a Microsoft document. Once these criteria are satisfied, users can analyze their logs through the Azure Log Analytics Workspace or archive them in Azure Storage Accounts. Additionally, the logs can be integrated with third-party tools via Azure Event Hubs, offering flexibility in how the data is utilized and analyzed. Microsoft recommends that those using Azure Log Analytics apply criteria filters to focus on the data of interest, thereby optimizing usage and associated costs.

Microsoft Graph is a gateway to data and intelligence across various Microsoft products like Microsoft 365, Windows, and Azure Active Directory. It acts as a unified API (Application Programming Interface) that allows developers to build applications that can access and manipulate this data. By enabling more detailed tracking and analysis of user activity, Microsoft aims to empower organizations to more effectively identify and respond to potential security threats before they can impact their operations.

Last Updated on November 7, 2024 8:59 pm CET

SourceMicrosoft
Luke Jones
Luke Jones
Luke has been writing about Microsoft and the wider tech industry for over 10 years. With a degree in creative and professional writing, Luke looks for the interesting spin when covering AI, Windows, Xbox, and more.

Recent News

0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
0
We would love to hear your opinion! Please comment below.x
()
x
Mastodon