Skip to main content
Skip table of contents

Data Loss Prevention 1

Vendor Documentation

https://docs.microsoft.com/en-us/office/office-365-management-api/office-365-management-activity-api-reference

Classification

Rule NameRule TypeCommon EventClassification
Data Loss PreventionBase RuleData Loss Prevention ActivityActivity

Mapping with LogRhythm Schema

Device Key in Log MessageLogRhythm SchemaData TypeSchema Description
TSN/AN/AN/A
SESSID<session>Text/StringSession information
COMMAND<command>Text/StringCommand name
USERTYPEN/AN/AType of user
USERKEYN/AN/AUser key informations hexadecimal value
WORKLOAD

<process>

<vendorinfo>

Text/StringAudit log record type
RESULTCODE<result>Text/StringResults
OBJECT<object>Text/StringObject name
USER<login>Text/StringSource user name
SIP<sip>Ip AddressSource IP address
SharePointMetadata.From<sender>Text/StringN/A
SharePointMetadata.ItemCreationTimeN/AN/AN/A
SharePointMetadata.SiteCollectionUrlN/AN/AN/A
SharePointMetadata.FileName<object>Text/StringN/A
SharePointMetadata.FileOwnerN/AN/AN/A
SharePointMetadata.FilePathUrlN/AN/AN/A
SharePointMetadata.DocumentLastModifierN/AN/AN/A
SharePointMetadata.DocumentSharerN/AN/AN/A
ExchangeMetadata.MessageIDN/AN/AN/A
ExchangeMetadata.From<sender>Text/StringN/A
ExchangeMetadata.To<recipient>Text/StringN/A
ExchangeMetadata.CCN/AN/AN/A
ExchangeMetadata.BCCN/AN/AN/A
ExchangeMetadata.Subject<subject>Text/StringN/A
ExchangeMetadata.SentN/AN/AN/A
SensitiveInfoDetectionIsIncludedN/AN/AN/A
ExceptionInfo.ReasonN/AN/AN/A
ExceptionInfo.JustificationN/AN/AN/A
ExceptionInfo.FalsePositiveN/AN/AN/A
PolicyDetailsN/AN/AN/A
PolicyName<poilcy>Text/StringN/A
Rules.RuleName<objectname>Text/StringN/A
Rules.ActionsN/AN/AN/A
Rules.Severity<severity>Text/StringN/A
Rules.RuleNameN/AN/AN/A
Rules.ConditionsMatched.SensitiveInformation.ConfidenceN/AN/AN/A
Rules.ConditionsMatched.SensitiveInformation.CountN/AN/AN/A
Rules.ConditionsMatched.SensitiveInformation.DocumentPropertiesN/AN/AN/A
Rules.ConditionsMatched.SensitiveInformation.OtherConditionsN/AN/AN/A
AccessScopeN/AN/AN/A

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close