Christmas is just around the corner and the year is coming to a close.
Usually this last quarter is one of the busiest of the year for the companies as the last orders needs to be closed before the financial year closes.
So when January comes we should be filled with renewed energy and a lot of new years resolutions that needs to be fulfilled.
One of them could be how to advance our skillset, maybe get inspired to take on new projects to move the business forward or simply just meet some old or maybe new friends and get a feeling of what direction the industry is heading in 2018.
Here are a couple of the “must attend” events in the first quarter of 2018, both in Copenhagen.
One of the things we found after moving the mail to Office 365 is that sometimes mail will get moved to the Junk mail folder even though the Exchange Online spam filter and Outlook configuration was modified in a way that would allow mail to arrive in the Inbox.
So what is happening?
Although we have changed the configuration in Outlook and Exchange Online, we still have a junk email rule per mailbox in Exchange. This behaviour has been present since Exchange 2010 but we are seeing this becoming an issue when mailboxes are being migrated from on-premises (where it have been disabled) to Exchange Online that have the junk email configuration enabled by default.
In this second part we will focus on the LogRhythm configuration and use the informations obtained in the first part of the series, Preparing Azure AD (Office 365) for SIEM Integration. This will complete the integration and allow us to obtain audit logs directly from Azure and Office 365 into our SIEM solution.
Office 365 (O365) allows customers to host their Office solution in the Microsoft cloud. With the proper credentials and configuration, it’s possible for the LogRhythm System Monitor to collect O365 management events from the following applications through the Office 365 Management Activity API: