Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

Cortex Xdr o365 compliance email

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Cortex Xdr o365 compliance email

L2 Linker

hi

 

 we integrated o365 API with cortex we have concern 

what it will do it will do anything?

what is the use compliance mail it block spam or malicious attachment 

4 REPLIES 4

L5 Sessionator

Hello @RajeshPremSingh ,

 

 Thank you for reaching out to our Live Community.

Integrating O365 API with Cortex XDR means, you will be ingesting logs from O365 to Cortex.Cortex XDR can ingest the following logs and data from Microsoft Office 365 Management Activity API and Microsoft Graph API using the Office 365 data collector. Cortex XDR as a tool, will not take any action.

 

efore you can collect Microsoft Office 365 emails, you need to setup a compliance email account, and then configure an Email Flow Rule. This rule ensures to Blind carbon copy (Bcc) every message sent to, from, and within the organization to a defined compliance mailbox. After the Office 365 data collector ingests the emails, they are deleted from the compliance mailbox to prevent email from building up over time (nothing touches the actual users’ mailboxes).

 

https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Pro-Administrator-Guide/Ingest-Logs...

 

If you feel this has answered your query, please let us know by clicking on "mark this as a Solution". Thank you.

 

 

 

Ashutosh Patil

Sry this thing i can read from document  i need more info what the thing can do  and how to create compliance mail

L2 Linker

Hi @aspatil ,

Once ingesting the o365 email logs to cortex XDR, is it can be doing any action? for example detecting URLs, attachments, or recipients' domains.

if it is malicious is cortex block the URL, attachment or Domain?

 

How can we ensure that the emails are deleted from the compliance mailbox after Office 365 data collector ingests the emails?
Is there a suggested email flow rule that specify a timeline like every hour cleanup?

  • 1510 Views
  • 4 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!