Microsoft 365 Outlook Out-of-the-box Data Collection Integration

Microsoft 365 Outlook Out-of-the-box Data Collection Integration

To learn more about Out-of-the-box Integrations and their benefits, please refer to this article.
In this article, we will delve into the OOTB data collection integration procedure between Lumu and Office 365 Exchange Online to share metadata from your corporate email service provider with Lumu for analysis.

It's important to mention that this integration only stores network metadata; no confidential information is stored such as file attachments, or the body of the message. The Outlook 365 Data Collection OOTB Integration with Lumu is carried out through Microsoft's APIs, which allows Lumu to fully analyze the inboxes of the integrated account while respecting the organization's configured email policies and without impacting the functioning of the email service provider negatively. 

The image below shows an example of the type of information stored by Lumu, which is presented directly in the customer's Lumu Portal:


As highlighted above, neither the contents of the message, nor any file attachments are stored; only the IoCs, email headers and the hashes of any file attachments. 

Requirements

  1. Microsoft 365
    1. Microsoft 365 Business Account
  2. Lumu License
    1. An Active Lumu Insights or Lumu Defender subscription

Add Integration

If you operate a multi-tenant organization in Microsoft Entra ID, you must create an admin user on the tenant you want to integrate into Lumu before proceeding. This will be the user the integration will be configured for. Please, refer to the Multitenant organization capabilities in Microsoft Entra ID from Microsoft for more details.
If you use an admin user of a tenant with cross-tenant synchronization enabled, the integration will analyze the emails of all connected tenants.
1. Log in to your Lumu account through the Lumu Portal and navigate to the integrations screen.


2. Locate the Microsoft 365 Outlook integration in the available apps area and click Add to view details.



3. Familiarize yourself with the integration details available in the app description and click the button below to activate the integration.


4. To activate the integration, click on the activate button and read the following instructions. After reading the instructions click again on the Activate button.


5. The Microsoft sign-in will look like the following


Remember to sign in with an Outlook 365 administrator account, since the administrator is the only one that can grant access to the whole organization.
6. When you have authenticated your account, you will see a window with the Permissions that you are going to grant access to.


7. When you finish the login process, click on Accept . The following window will allow you to give the integration a description. Then, you can select the scope to analyze mails.


8. The integration will show you how many emails have been analyzed and a dashboard with the emails analyzed per hour.


You will need to activate several integrations if you want to use different scopes.

        • Related Articles

        • Microsoft Entra ID NSG Flow Logs Custom Data Collection Integration

          Microsoft Azure is now called Entra ID In this article, you will find out how to configure your Microsoft Entra ID subscription and its Lumu Custom Data Collection integration to pull, transform, and inject Entra ID Network Security Group flow logs ...
        • Microsoft Teams Out-of-the-Box SecOps Integration

          Requirements Microsoft Teams A Microsoft Teams Essentials subscription or above An Active Lumu Insights or Lumu Defender subscription Incoming Webhooks connectors will be retired by Microsoft. We strongly advice to migrate to the Webhook model. You ...
        • Kubernetes (K8s) Out-of-the-box Data Collection Integration

          To learn more about Out-of-the-box Integrations and their benefits, please refer to this article. In this article, you will find out how to configure your Kubernetes cluster to record and collect DNS data from your cluster network and have it sent to ...
        • Netskope Out-of-the-Box Data Collection Integration

          To learn more about Out-of-the-box Integrations and their benefits, please refer to this article. Configure Netskope Next Gen Secure Web Gateway 1. Log in to your Netskope UI. 2. Navigate to Event Streaming . Following the next path Settings > Tools ...
        • AWS Out-of-the-Box Data Collection Integration

          To learn more about Out-of-the-box Integrations and their benefits, please refer to this article. In this article, you will find out how to configure Amazon Web Services (AWS) to pull and collect data from your network in the form of logs, and have ...