A list of Entra ID (Azure AD) Audit event names and the corresponding Microsoft Graph Request Uri
☆36Sep 27, 2024Updated last year
Alternatives and similar repositories for EntraIDAuditLogToMicrosoftGraph
Users that are interested in EntraIDAuditLogToMicrosoftGraph are comparing it to the libraries listed below
Sorting:
- Expose a lot of MDE telemetry that is not easily accessible in any searchable form☆119Aug 19, 2025Updated 7 months ago
- MS Entra ID Protection Guidance☆22Apr 2, 2024Updated last year
- Workflows for scheduled export of settings from an Azure AD tenant☆15Mar 3, 2026Updated 2 weeks ago
- Scripts to manage "Auto Time Zone Updater" 'tzautoupdate' service on a Windows device. Intended to be used as "Remediations", in Microsof…☆15Jul 12, 2024Updated last year
- Azure AD Security controls check.☆16Feb 25, 2023Updated 3 years ago
- Shows which M365 Objects have Privileged Access and what type (i.e. PIM, Direct, Currently Elevated)☆38May 17, 2025Updated 10 months ago
- Lightweight security tool for auditing your organization's Conditional Access Policies (CAPs) in Microsoft Entra ID for potential misconf…☆79Feb 25, 2025Updated last year
- Repository with supporting materials for Invictus Academy/Training☆44Jan 3, 2025Updated last year
- 😎 Awesome list of all things related to Microsoft Entra☆729Sep 1, 2025Updated 6 months ago
- KQL Detections for Microsoft Sentinel and Microsoft 365 Defender☆21Nov 15, 2024Updated last year
- PowerShell for Active Directory, Defender XDR, Entra ID, Exchange Server, Microsoft 365, Windows, and more! ✌️☆96Jan 5, 2026Updated 2 months ago
- Docs and samples for privileged identity and access management in Microsoft Azure and Microsoft Entra.☆185Updated this week
- Conditional Access Reporting☆29Apr 4, 2025Updated 11 months ago
- MS Graph Commands and Tools for Blue Teamers☆51Feb 4, 2026Updated last month
- This module will create a Microsoft 365 Test Environment☆104Feb 27, 2025Updated last year
- ☆55Jan 19, 2026Updated 2 months ago
- .NET Project for performing Authenticated Remote Execution☆12Nov 22, 2023Updated 2 years ago
- Microsoft Intune Custom Compliance☆42Mar 18, 2024Updated 2 years ago
- Microsoft Entra ID Security Assessment Tool☆63Jun 30, 2025Updated 8 months ago
- Sharing my KQL queries for Azure Sentinel☆208Feb 9, 2026Updated last month
- PowerShell module to manage the Entra ID device-bound passkey feature☆33Jun 5, 2024Updated last year
- inspect EntraID SCIM flows for troubleshooting☆30Nov 23, 2025Updated 3 months ago
- Automation around Entra ID☆38Jul 21, 2025Updated 8 months ago
- Root module for creating Tier Model / Delegation Model on Active Directory☆20Aug 28, 2025Updated 6 months ago
- Repository hosting a static list of Microsoft First party apps and Graph permissions that's updated daily☆209Updated this week
- Microsoft Entra ID App Audit Solution (AADAppAudit)☆84Aug 28, 2024Updated last year
- Samples, scripts and resources to help you get started with Microsoft Entra API-driven inbound provisioning☆44Apr 14, 2025Updated 11 months ago
- ResearchDev - XDR & SIEM Detection☆66Apr 16, 2025Updated 11 months ago
- M365/Azure adversary simulation tool that generates realistic attack telemetry to help blue teams improve their detection and response ca…☆322Oct 12, 2025Updated 5 months ago
- Think of this PS-module as a helper for Microsoft Graph version-management, connectivity and data management using Microsoft Graph.☆14Apr 28, 2025Updated 10 months ago
- Sentinel Logic Apps, Playbooks and Workbooks to automate enrichment, incident analysis and more.☆116Jan 18, 2026Updated 2 months ago
- ☆21Jan 3, 2026Updated 2 months ago
- Collection of Microsoft Identity Threat Detection and Response resources.☆52Mar 1, 2026Updated 3 weeks ago
- This repo aims to help you decipher the UAL from a Digital Forensics & Incident Response (DFIR) perspective. The UAL is the Microsoft 365…☆64May 12, 2024Updated last year
- This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and …☆2,478Dec 31, 2025Updated 2 months ago
- Self-contained Hyper-V Active Directory Lab Environment☆59Mar 13, 2026Updated last week
- Content from my blog.☆36May 5, 2025Updated 10 months ago
- Defensive-oriented Active Directory enumeration☆23Jan 22, 2016Updated 10 years ago
- In this repository you may find KQL (Kusto Query Language) queries and Watchlist schemes for data sources related to Microsoft Sentinel (…☆135Updated this week