MailGuard 365 connector for Microsoft Sentinel
MailGuard 365 Enhanced Email Security for Microsoft 365. Exclusive to the Microsoft marketplace, MailGuard 365 is integrated with Microsoft 365 security (incl. Defender) for enhanced protection against advanced email threats like phishing, ransomware and sophisticated BEC attacks.
Connector attributes
| Connector attribute | Description |
|---|---|
| Log Analytics table(s) | MailGuard365_Threats_CL |
| Data collection rules support | Not currently supported |
| Supported by | MailGuard 365 |
Query samples
All phishing threats stopped by MailGuard 365
MailGuard365_Threats_CL
| where Category == "Phishing"
All threats summarized by sender email address
MailGuard365_Threats_CL
| summarize count() by Sender_Email_s
All threats summarized by category
MailGuard365_Threats_CL
| summarize count() by Category
Vendor installation instructions
Configure and connect MailGuard 365
- In the MailGuard 365 Console, click Settings on the navigation bar.
- Click the Integrations tab.
- Click the Enable Microsoft Sentinel.
- Enter your workspace id and primary key from the fields below, click Finish.
- For additional instructions, please contact MailGuard 365 support.
Next steps
For more information, go to the related solution in the Azure Marketplace.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for