Microsoft Office 365 Message Trace sample event message
Use this sample event message to verify a successful integration with IBM® QRadar®.
Important: Due to formatting issues, paste the message format into a text editor and
then remove any carriage return or line feed characters.
Microsoft Office 365 Message Trace sample message when you use the Office 365 Message Trace REST API protocol
The following sample event message shows that a message was successfully delivered to the intended destination.
{"Organization":"test.oncompany.test","MessageId":"<32A2AAA5SAA4.AAAA00A6A2AA@AA00155AA5A4A6>","Received":"2020-06-02T01:29:06.3627033","SenderAddress":"username@domain.test","RecipientAddress":"testRecep@test.oncompany.test","Subject":"Azure AD Identity Protection Weekly Digest","Status":"Delivered","ToIP":null,"FromIP":"10.10.10.12","Size":76047,"MessageTraceId":"66f62cca-c8ce-4436-f519-08d80694575d","StartDate":"2020-05-31T16:34:00Z","EndDate":"2020-06-02T16:34:00Z","Index":0}| QRadar field name | Highlighted payload field name |
|---|---|
| Event ID | Status |
| Username | SenderAddress |
| Source IP | FromIP |
| Destination IP | ToIP |
| Device Time | StartDate |