Monitor Microsoft365 activity logs to gain complete visibility into your team’s communication platform.

Request a DemoRead The Docs

Use Panther’s built-in rules to monitor activity, or write your own detections in Python to fit your internal business use cases.

Use Cases

Common security use cases for Microsoft365 Logs with Panther include:

  • Monitor for potential security issues or suspicious activity in your account
  • Monitor administrative actions
  • Easily query user actions

How it works

Integration is fast and simple!

    • Create a new Application in Azure AD and provide the app credentials to Panther (see instructions in the docs)
    • Panther will parse, normalize, and analyze your log data in real-time
    • As rules are triggered, alerts are sent to your configured destinations
    • Normalized logs can be searched from Panther’s Data Explorer
    • Sit back and monitor your activity!

You can find detailed instructions on how to set up this integration here. Note, Microsoft will make log events available 12 hours after the source is created on Panther.