How to configure RocketCyber's Office 365 monitoring apps
Before You Begin
In order to configure *Office 365 apps, you will need a valid administrator account for each Microsoft tenant (not a global administrator account that has access to all tenants).
The admin account used to grant permissions must also have either the Security Reader or Security Administrator role
- Go to the Integrations tab in the nav menu on the left side of the scree
- Select the Microsoft tab
Link this organization to the correct Microsoft account
- If you have already logged into these accounts via the Azure portal, simply select the correct account from the list
- If you have not already logged into this account, enter the credentials
That's it! You should begin to see results within five minutes.
Removing a Microsoft Account
- Go to the Microsoft integrations tab as described in steps 2-3 above.
- Select Unlink Account
- There will be a success message if the credential was removed. Depending on the number of Office 365 detections associated with your account, you may need to refresh the page for the login button to reappear.
Accidentally Synced an Organization to the Wrong Microsoft Account
- Just remove the Microsoft account and try again!
* NOTE: GCC High, GCC and DOD are not supported versions of o365 for integration.