Monitoring Azure Active Directory

Azure Active Directory is the identity and directory management service that combines basic directory services, application access management, and identity protection in a single solution. The Wazuh azure-logs module requires dependencies to work as well as the right credentials to access the logs. Take a look at the prerequisites section before proceeding.

Wazuh is able to monitor the Azure Active Directory (Azure AD) service using the Activity reports provided by the Microsoft Graph REST API. Azure AD applications can make use the Microsoft Graph API to perform read operations on directory data and objects.