Azure AD Graph Activity Logs: Ingestion and threat detection to close the visibility gap (opens in new tab)
Azure AD Graph Activity Logs land in Elastic with full ECS parsing. Detect ROADrecon and AADInternals enumeration with ready-to-use detection rules.
Read the original article