Office 365
Microsoft Office 365 cloud productivity suite including Exchange Online, SharePoint Online, OneDrive for Business, and Azure Active Directory. Logs are captured via the Office 365 Management Activity API.
Exchange
No description available.
inbox_rule_created
Records New-InboxRule operations where users create email forwarding rules, often with external forwarding to bypass administrator controls and exfiltrate sensitive data.
mailbox_forwarding
Records Set-Mailbox operations that configure external email forwarding, a common data exfiltration technique in which emails are automatically forwarded to external addresses.
mailbox_permission_added
Records Add-MailboxPermission operations that grant mailbox access rights (FullAccess, SendAs, SendOnBehalf) to other users, providing persistent access that survives password resets.