Forum Discussion
Tables in Sentinel and Schemas in MS365
Just wondering if there is any common data between Sentinel and MS365? I can easily get file certificate information from schemas in MS365 but it is hardly to find the information from any tables wh...
So in M365 you have the Devicennnnnn Tables - I assume its in there you are looking?
These Tables can optionally be brought into Sentinel (at a cost), so have you done that (if not you may not have the data)? Look at the "Microsoft 365 Defender" connector in Sentinel.
The main schema difference: is TimeStamp --> TimeGenerated within Sentinel - so if the M365 query has that you will have to correct it in Seninel.
These Tables can optionally be brought into Sentinel (at a cost), so have you done that (if not you may not have the data)? Look at the "Microsoft 365 Defender" connector in Sentinel.
The main schema difference: is TimeStamp --> TimeGenerated within Sentinel - so if the M365 query has that you will have to correct it in Seninel.
- Hello, sorry for late replying, I failed to log on to this community due to network issue, have tried according to your answer, it resolves my problem ,thanks so much~ Amazing answer: )
