Product / Service | Tags | Data tables |
|---|
Microsoft 365 | cloud.office365
| cloud.office365
|
Microsoft 365 Azure Active Directory | cloud.office365.aad
| cloud.office365.aad
|
Microsoft Defender for Cloud Apps alerts | cloud.office365.cloud_apps.alerts
| cloud.office365.cloud_apps.alerts
|
Microsoft 365 Data Loss Prevention | cloud.office365.dlp
| cloud.office365.dlp
|
Microsoft Defender for Endpoint alerts | cloud.office365.endpoint.alerts
| cloud.office365.endpoint.alerts
|
Microsoft 365 Exchange | cloud.office365.exchange
| cloud.office365.exchange
|
Microsoft 365 Identity Alerts | cloud.office365.identity.alerts
| cloud.office365.identity.alerts
|
Microsoft 365 management | cloud.office365.management
| cloud.office365.management
| Note |
|---|
Union table This is a union table that collects events from a set of tables for easy access and analysis. Learn more about this union table in this article. |
|
cloud.office365.management_all
| cloud.office365.management_all
|
cloud.office365.oldmanagement
| cloud.office365.oldmanagement
|
cloud.office365.management.aip
| cloud.office365.management.aip
|
cloud.office365.management.airinvestigation
| cloud.office365.management.airinvestigation
|
cloud.office365.management.azureactivedirectory
| cloud.office365.management.azureactivedirectory
|
cloud.office365.management.cca
| cloud.office365.management.cca
|
cloud.office365.management.compliance
| cloud.office365.management.compliance
|
cloud.office365.management.compliancemanager
| cloud.office365.management.compliancemanager
|
cloud.office365.management.compliancemanagerposturemanager
| cloud.office365.management.compliancemanagerposturemanager
|
cloud.office365.management.corereporting
| cloud.office365.management.corereporting
|
cloud.office365.management.crm
| cloud.office365.management.crm
|
cloud.office365.management.dlpsensitiveinformationtype
| cloud.office365.management.dlpsensitiveinformationtype
|
cloud.office365.management.endpoint
| cloud.office365.management.endpoint
|
cloud.office365.management.exchange
| cloud.office365.management.exchange
|
cloud.office365.management.mcas
| cloud.office365.management.mcas
|
cloud.office365.management.microsoftdefenderforidentity
| cloud.office365.management.microsoftdefenderforidentity
|
cloud.office365.management.microsoftflow
| cloud.office365.management.microsoftflow
|
cloud.office365.management.microsoftforms
| cloud.office365.management.microsoftforms
|
cloud.office365.management.microsoftstream
| cloud.office365.management.microsoftstream
|
cloud.office365.management.microsoftteams
| cloud.office365.management.microsoftteams
|
cloud.office365.management.mip
| cloud.office365.management.mip
|
cloud.office365.management.myanalytics
| cloud.office365.management.myanalytics
|
cloud.office365.management.officeapps
| cloud.office365.management.officeapps
|
cloud.office365.management.onedrive
| cloud.office365.management.onedrive
|
cloud.office365.management.onedriveforbusiness
| cloud.office365.management.onedriveforbusiness
|
cloud.office365.management.powerapps
| cloud.office365.management.powerapps
|
cloud.office365.management.powerbi
| cloud.office365.management.powerbi
|
cloud.office365.management.powerplatformadmin
| cloud.office365.management.powerplatformadmin
|
cloud.office365.management.project
| cloud.office365.management.project
|
cloud.office365.management.publicendpoint
| cloud.office365.management.publicendpoint
|
cloud.office365.management.quarantine
| cloud.office365.management.quarantine
|
cloud.office365.management.rdl
| cloud.office365.management.rdl
|
cloud.office365.management.se
| cloud.office365.management.se
|
cloud.office365.management.securitycompliancecenter
| cloud.office365.management.securitycompliancecenter
|
cloud.office365.management.sharepoint
| cloud.office365.management.sharepoint
|
cloud.office365.management.skypeforbusiness
| cloud.office365.management.skypeforbusiness
|
cloud.office365.management.threatintelligence
| cloud.office365.management.threatintelligence
|
cloud.office365.management.workplaceanalytics
| cloud.office365.management.workplaceanalytics
|
cloud.office365.management.yammer
| cloud.office365.management.yammer
|
Microsoft 365 message tracing | cloud.office365.messagetracing
| cloud.office365.messagetracing
|
Microsoft 365 OneDrive | cloud.office365.onedrive
| cloud.office365.onedrive
|
- | cloud.office365.other
| cloud.office365.other
|
Microsoft 365 reports | cloud.office365.reporting.atptraffic
| cloud.office365.reporting.atpraffic
|
cloud.office365.reporting.dlp
| cloud.office365.reporting.dlp
|
cloud.office365.reporting.dlpdetail
| cloud.office365.reporting.dlpdetail
|
cloud.office365.reporting.maildetailatp
| cloud.office365.reporting.maildetailatp
|
cloud.office365.reporting.mailtraffic
| cloud.office365.reporting.mailtraffic
|
cloud.office365.reporting.messagetrace
| cloud.office365.reporting.messagetrace
|
cloud.office365.reporting.safelinksdetail
| cloud.office365.reporting.safelinksdetail
|
cloud.office365.reporting.spoofmail
| cloud.office365.reporting.spoofmail
|
Microsoft 365 security events | cloud.office365.security.alerts
| cloud.office365.security.alerts
|
cloud.office365.security.scorecontrol
| cloud.office365.security.scorecontrol
|
cloud.office365.security.scores
| cloud.office365.security.scores
|
Microsoft 365 Security & Compliance Center | cloud.office365.securitycompliancecenter
| cloud.office365.securitycompliancecenter
|
Microsoft 365 SharePoint | cloud.office365.sharepoint
| cloud.office365.sharepoint
|
Microsoft 365 SIEM agent | cloud.office365.siem_agent_alert
| cloud.office365.siem_agent.alert
|
cloud.office365.siem_agent_event
| cloud.office365.siem_agent.event
|
Microsoft 365 Teams | cloud.office365.teams
| cloud.office365.teams
|
