ITarian Help

Find the desired product help

SOCaaP

SOCaaP

Version 2.2

English

Print Help
SOCaaP Alerts/Escalations > Integrate Your Office 365 Account With SOCaaP
  • Introduction
    • Logging-in To The SOCaaP Console
  • Dashboard Overview
    • Summary
    • Alerts, Incidents And Website Vulnerabilities
    • Customer Health
  • SOCaaP Alerts/Escalations
    • Log-in To The Admin Console
    • The Home Screen
    • Service Summary
    • Incidents Overview
      • Incidents
      • Threat Summary
    • Log Collection Summary
    • Threat Communication Graph
    • Tickets
    • Reports
    • Notification Settings
    • Integrate Your Office 365 Account With SOCaaP
  • SOCaaP SIEM
    • Log-in To The Admin Console
    • The Main Interface
    • The Dashboard
    • Customer Asset Management
      • Add Customers
      • Add Assets For Monitoring
        • Hard Assets
        • Soft Assets
      • Configure Nxlog And Rsyslog To Send Logs To SOCaaP Server
      • Edit Customers
    • Query Management
      • Configure Event Queries
      • Long Term Analysis
      • Configure Custom Dashboards
      • Event Field Selection Settings
    • Manage Rules
      • Manage Correlation Rules
      • Manage Tagged Rules
      • Manage Aggregation Rules
    • Incidents
      • Manage Incidents
      • Incident Category Management
      • Category Action Management
    • Lists
      • Manage Live Lists
      • Manage Live List Content
      • Manage Range List Content
      • Manage IP Range List Content
      • Manage Multiple Column List Content
    • Manage Reports
    • Administration
      • Event Collection
      • Phantom Settings
      • Manage Users
    • Appendix 1 – Field Groups And Event Items Description
    • Appendix 2 – SOCaaP Supported Logs
  • SOCaaP Web Protection
    • Add Websites
    • The Main Interface
    • The Dashboard
    • Website Data And Settings
      • Website Overview
      • Security Scans
        • Website Scans
        • Website Files Security Scans
          • Malware Scan Settings
            • Automatic Configuration
            • Manual Configuration
          • Run A Scan And View Results
          • Notifications, Malware Removal And Scheduled Scans
        • Vulnerability Scans
          • CMS Vulnerability Scans
          • OWASP Top 10 Vulnerability Scans
      • Content Delivery Network
        • Activate CDN For A Website
        • CDN Settings
        • View CDN Metrics
      • Firewall
        • WAF Statistics
        • WAF Events
        • Configure WAF Policies
        • Manage Custom Firewall Rules
      • SSL Configuration
      • DNS Configuration
      • Add Trust Seal To Your Websites
      • Back Up Your Website
        • Backup Settings
        • On-Demand Backup
        • View Backup Records And File Statistics
        • Restore And Download Website Files
        • Delete Backups
    • Manage Your Profile
  • Sensor Installation
    • Requirements
    • (Option 1) Create Installation Media
    • (Option 2) Deploy Virtual Machine Environment
      • Create A New Virtual Machine
      • Configure Memory Size
      • Configure Hard Disk
      • View VM Summary
      • Configure Network Settings
      • Select VM Startup Disk
    • Sensor Installation Steps
    • Sensor Configuration Steps
      • Login To The Web Portal
      • User Settings
      • Configure Network
      • Configure Timezone
      • Key Activation
      • (Optional) Valkyrie Key Verdict
      • (Optional) Forward Log
  • Frequently Asked Questions
  • About ITarian Security Solutions

Integrate your Office 365 Account with SOCaaP

 


You can integrate your Office 365 account with SOCaaP so any threats and behavioral anomalies are detected. Once integrated, our SOC team analyzes data logs from your Office 365 account for malware activity and other anomalies.


You have to first configure your Azure AD application and SOCaaP so as to collect data.


Configuration Steps


  • Step 1 - Create an API integration application within registry
  • Step 2 - Create security credentials for registered application
  • Step 3 - Add permissions for the registered application
  • Step 4 - Configure SOCaaP with Azure application registration attributes (Tenant Id, Client Id, Secret Key)

 


Step 1 - Create an API Integration Application within Registry


  • Log into your Azure account (https://portal.azure.com).
  • Navigate to App registrations and create a new app by clicking ‘+ New registration’
  • Fill application details as shown below:



  • Name: ITarian-SOCaaP (or any other suitable label)
  • Supported account types: Choose "Accounts int this organizational directory only"
  • Click "Register"

Note down the Application (client) ID and Directory (tenant) ID.


Step 2 - Create Security Credentials for Registered Application


  • Click ‘Certificates & Secrets’ on the left




  • Click ‘+New client secret’

  • Add a description for your client secret.

  • Select an expiration for the secret or specify a custom lifetime

    • Client secret lifetime is limited to two years (24 months) or less. You can't specify a custom lifetime longer than 24 months.

  • Click 'Add'

  • Copy the secret's value. This secret value is never displayed again after you leave this page.

Step 3 - Add Permissions for the Registered Application

  • Click ‘API Permissions’ on the left then ‘Add a Permission’
  • Click ‘Microsoft Graph’ and select ‘Application Permissions’



  • Add permissions as shown below:




  • Click ‘Add a permission’ again and select ‘Office 365 Management API’ and toggle ‘Application Permissions’



  • Add permissions as shown below:



  • Click ‘Add a permission’ and close the tab

 

Step 4 - Configure SOCaaP with Azure Application Registration Attributes (Tenant Id, Client Id, Secret Key)

  • Log into SOCaaP Customer Portal.
  • Click "Settings" at the top left of the screen and scroll down to ‘Cloud Security Settings’




  • Enter your client ID, tenant ID (generated in step 1) and secret key (generated in step 2) into the respective fields.
  • Click "Register Your Account"

That’s it, your Office 365 cloud account is integrated with SOCaaP. Contact your ITarian account manager for support if you have any trouble integrating your cloud account with SOCaaP.

Comodo Help
  • IT Platform:
  • Help
  • Scripts
  • Wiki
  • Forum
  • Developer
  • RMM
  • Patch Management
  • Service Desk
  • ITSM
  • Managed Service Provider
  • Managed Detection and Response
  • Ticketing System
  • Helpdesk
  • ITIL

Copyright 2025 Itarian