Skip to content
AAD Graph Activity Logs are now ingestible into Elastic and usable for threat detection within the SIEM/XDR solution. That sentence shouldn't be exciting, but it is. For most of the past decade, this slice of telemetry simply didn't exist as a customer-accessible log stream. Microsoft Graph Activity Logs (the modern graph.microsoft.com surface) went GA in April 2024. The legacy graph.windows.net s...
Azure AD Graph Activity Logs: Ingestion and threat detection to close the visibility gap | Huntaegis