4sysops

Microsoft Purview Audit Search Graph API: Retrieve audit logs from Microsoft 365 with PowerShell

June 4, 2024 at 16:38
Microsoft Purview integrates with Microsoft 365 applications such as Exchange, SharePoint, OneDrive, and Teams, providing comprehensive data governance, compliance, and protection capabilities across these platforms. One of the standout components of this suite is the Audit Search Graph API, which is currently in public preview. It allows developers and administrators to retrieve detailed audit logs programmatically, providing deep insights into user activities across Microsoft services. In this blog, I will explore the full potential of the Microsoft Purview Audit Search Graph API and demonstrate how to use the API through both PowerShell and HTTP methods.

Integrate Microsoft Graph activity logs for Microsoft 365 with Azure Monitor

May 20, 2024 at 20:06
Microsoft Graph activity logs, a component of Microsoft Graph, is now generally available. Microsoft Graph is a unified API that provides access to a wide range of Microsoft 365 services and data, enabling developers to integrate and interact with services like Outlook, OneDrive, Teams, and SharePoint through a single endpoint. Microsoft Graph activity logs provides a detailed record of user and admin activities across Microsoft 365 services, enabling monitoring, auditing, and analyzing actions within the organization's environment. In this post, I explain Microsoft Graph activity logs use cases and outline how to install and integrate them with Azure Monitor logs.

Analyzing Windows Event Logs with Security Onion

By: Thomas Joos
February 13, 2024 at 11:49
Security Onion is an open-source platform for threat hunting, security monitoring, and log management. It aggregates free tools such as Kibana, Elastic Fleet, InfluxDB, CyberChef, and Suricata. The solution provides access to these tools via a web console. I'll demonstrate how it can be used for analyzing Windows logs.