Email trace logs in the Microsoft Office 365 integration


Is it possible to get the email trace logs (delivery status, sender, recipient, subject and attachments fields) in the Microsoft Office 365 integration in Kibana 7.16.3?

Some of these fields are present at creation/deletion moments, but it's impossible to determine the answers to questions such as:

  • is the email delivered and to whom?
  • is it opened for reading or not?

It seems the corresponding functionality is absent.

Best regards,


I've looked around and realized that many other SIEM products (for example QRadar, Splunk) have this functionality.
Because one of the primary attack vectors is email delivery, such functionality is obviously a basic primary need.
And it is very strange for me to find a SIEM product without the ability to analyze email traces.
