Microsoft Identity and Access Administrator Exam Guide

by Dwayne Natwick
March 2022
Content level: Beginner
452 pages
8h 59m
English
Packt Publishing
Content preview from Microsoft Identity and Access Administrator Exam Guide

Chapter 15: Enabling and Integrating Azure AD Logs with SIEM Solutions

The previous chapter covered how to analyze, review, and investigate our logs and events to protect against risky sign-ins and elevated-risk users. This included creating reports and reviewing insights for user activity to recognize potential vulnerabilities and alert against possible threats. In this chapter, we will discuss how to enable these logs and integrate them with Microsoft Sentinel or a third-party security information and event management (SIEM) solution. This will include how to use Log Analytics with Kusto queries to review activity in Microsoft Sentinel.

In this chapter, we're going to cover the following main topics:

  • Enabling and integrating Azure AD ...

Publisher Resources

ISBN: 9781801818049