Monitor Office365 Security dashboards
So far there is no way to get a proper monitoring of the security dashboards we use in our different O365 SaaS products like Exchange Online, Cloud App Security Broker, Azure AD.
Currently, we need monitoring of the following:
* All Cloud App Security Broker Alerts
* O365 Security and Compliance > Threat Management > Investigations
(With different filters like "Pending actions" or "Threats found")
* Azure AD Connect Health: Sync Errors and Errors in the AD DS services
* Azure AD Risky Users and Risky Sign ins
Capture this monitoring data and make it available in Checkmk for a consistent single pane of glass
Comments: 1
-
07 Sep, '22
mimimiSounds like a special agent could be a solution ?
I guess 0365 has some kind of API that returns json status and metrics over https as almost every webservice works today ?
It think we need a generic json over https special agent.
Like a local check but as json over http special agent.
Configurable with a WATO/Setup rule like this: json path componet.db.mysql.status == healthy should return OK, etc