Monitor Office365 Security dashboards

54 votes

So far there is no way to get a proper monitoring of the security dashboards we use in our different O365 SaaS products like Exchange Online, Cloud App Security Broker, Azure AD.

Currently, we need monitoring of the following:

* All Cloud App Security Broker Alerts
* O365 Security and Compliance > Threat Management > Investigations
(With different filters like "Pending actions" or "Threats found")
* Azure AD Connect Health: Sync Errors and Errors in the AD DS services
* Azure AD Risky Users and Risky Sign ins

Capture this monitoring data and make it available in Checkmk for a consistent single pane of glass

Under consideration Checks&Agents Suggested by: Thomas Lippert (15 Feb, '22) • Upvoted: 24 Mar • Comments: 1

Comments: 1

07 Sep, '22
mimimi
Sounds like a special agent could be a solution ?
I guess 0365 has some kind of API that returns json status and metrics over https as almost every webservice works today ?
It think we need a generic json over https special agent.
Like a local check but as json over http special agent.

Configurable with a WATO/Setup rule like this: json path componet.db.mysql.status == healthy should return OK, etc