Office 365 Email - Viewing Security Events
Avanan records the Office 365 Mail detections as security events. The event type depends on the type of policy that created the event. You can handle the security events in different ways, whether they are detected/prevented automatically or discovered by the administrators after not being prevented.
The Events screen shows a detailed view of all the security events.
Viewing Security Events for Microsoft Quarantined Emails
To view security events for Microsoft quarantined emails:
- Go to Events from the left navigation panel.
- Select the time frame to view the security events.
- In the Threat Type filter, select the relevant threat type:
- Malware for emails Microsoft quarantined because of Malware detection or a block-listed file type.
- Phishing for emails Microsoft quarantined because of a High Confidence Phishing detection or a Transport Rule.
- Suspected Phishing for emails Microsoft quarantined because of a Phishing detection.
- Spam for emails Microsoft quarantined because of High Confidence Spam, Spam, or Bulk detections.
- In the Action Taken filter, select Email quarantined.
- In the Remediated by filter, select Microsoft.
The Events page shows all the security events for Microsoft quarantined emails. To take action on these security events, see Taking Action on Events.