microsoft graph
March 22, 2023 · View on GitHub
Expression
product = microsoft graph
Fields
There are no fields for this extension.
Activity Types
| Activity Type | Field | Status | Core | Detection | Informational |
|---|---|---|---|---|---|
| alert-trigger | app | ||||
| country | |||||
| city | |||||
| more_info | |||||
| result | |||||
| src_ip | Legacy | ✓ | ✓ | ||
| token_issuer_type | |||||
| email_address | |||||
| full_name | |||||
| additional_info | |||||
| sender | Legacy | ✓ | |||
| alert_id | Legacy | ✓ | |||
| action | Legacy | ✓ | |||
| email_domain | |||||
| threat_type | |||||
| state | |||||
| operation | |||||
| email_subject | |||||
| user | Legacy | ✓ | |||
| user_agent |