Microsoft 365 Exchange Reports collector
- Juan Tomás Alonso Nieto (Deactivated)
Overview
The Microsoft 365 Reporting web service enables developers to integrate information on email and spam, antivirus activity, compliance status, and Lync Online activities into their custom service reporting applications and web portals.
This topic provides an overview of the REST web service, the functional architecture, the reports available, and other ways you can access the reports.
Devo collector features
Feature | Details |
|---|---|
Allow parallel downloading ( |
|
Running environments |
|
Data sources
Data source | Table | Collector service | Remote endpoint | Description |
|---|---|---|---|---|
|
|
|
| Summary information about mail traffic to and from the organization |
|
|
|
| List details about Data Loss Prevention (DLP) rule matches for Exchange Online, SharePoint Online, and OneDrive for Business in your cloud-based organization |
|
|
|
| Summary information about mail traffic from spoofed (forged) senders (phishing, spam) View email security reports - Microsoft Defender for Office 365 |
|
|
|
| Results of Exchange Online Protection and Microsoft Defender for Office 365 detections in your cloud-based organization |
|
|
|
| Summary information about the processing of email messages that have passed through the Office 365 system for the organization |
|
|
|
| List a summary of Data Loss Prevention (DLP) rule matches for Exchange Online, SharePoint Online and OneDrive for Business in your cloud-based organization |
|
|
|
| List details about Exchange Online Protection and Microsoft Defender for Office 365 detections in your cloud-based organization |
|
|
|
| Detailed information about Safe Links results |
There are additional reports in the service not supported yet. You can find all the available reports/resources in the API requesting to https://reports.office365.com/ecp/reportingwebservice/reporting.svc (use your Office365 credentials) The service is also to be deprecated by Microsoft, therefore you may find reports not longer available.
For more information on how the events are parsed, visit our page.
Vendor setup
In order to configure the collector, you need to have valid Office365 credentials.
Run the collector
Once the data source is configured, you can either send us the required information if you want us to host and manage the collector for you (Cloud collector), or deploy and host the collector in your own machine using a Docker image (On-premise collector).
Change log
Release | Released on | Release type | Details | Recommendations |
|---|---|---|---|---|
| May 14, 2024 | BUG FIXING | Improvements:
Bug fixing:
|
|