To find out if this integration is available in your organization, see your Datadog Integrations page or ask your organization administrator.
To initiate an exception request to enable this integration for your organization, email support@ddog-gov.com.
Cette page n'est pas encore disponible en français, sa traduction est en cours.
Si vous avez des questions ou des retours sur notre projet de traduction actuel,
n'hésitez pas à nous contacter.
Overview
Use the Microsoft Graph security API to connect Microsoft security products, services, and partners to streamline security operations and improve threat protection, detection, and response capabilities.
The Microsoft Graph security API is an intermediary service (or broker) that provides a single programmatic interface to connect multiple Microsoft Graph security providers (also called security providers or providers). Requests to the Microsoft Graph security API are federated to all applicable security providers. The results are aggregated and returned to the requesting application in a common schema.
This integration gathers security events from the following products:
- Microsoft Entra ID Protection
- Microsoft 365 Defender
- Microsoft Defender for Cloud Apps
- Microsoft Defender for Endpoint
- Microsoft Defender for Identity
- Microsoft Defender for Office 365
- Microsoft Purview Data Loss Prevention
- Microsoft Sentinel
Setup
To collect Microsoft Graph Events, click Authorize to authenticate using OAuth.
To integrate Microsoft Graph with Datadog, the authenticated user must have the following permission scopes:
offline_accessAPIConnectors.Read.AllSecurityAlert.Read.All
Data Collected
Logs
Microsoft Graph collects all available Microsoft Graph Security Events.
Troubleshooting
Need help? Contact Datadog support.
