Alerts
Low
Medium
High
MITRE ATT&CK Map
LIVE ATTACK ONGOING
No live attacks to show.
Generate Incident Report
| Incident ID | Summary | SEVERITY | TIME/DATE | MITRE ATTACK | GENERATE REPORT |
|---|---|---|---|---|---|
| No incidents yet. | |||||
ClaudeWazuh
Your automated SOC analyst. Ask me about current alerts, threats, or security posture.
ARIA is thinking...
Use tool:
:wazuh
:m365
:wazuh
:m365
GPT-4o ✦
Microsoft 365 Dashboard
Entra ID
Exchange
OneDrive / SharePoint
⚠ Alert Logs
Searching
Sign-In Logs
| Time | User | IP Address | Location | Status | MFA Result | App | Device OS |
|---|---|---|---|---|---|---|---|
| Click Load All to fetch data. | |||||||
MFA / Security Info Changes
| Time | Event | Target User | Initiated By | Result | IP |
|---|---|---|---|---|---|
| Click Load All to fetch data. | |||||
Account Actions (Disable / Enable / Password Reset)
| Time | Action | Target User | Initiated By | Result |
|---|---|---|---|---|
| Click Load All to fetch data. | ||||
Registered MFA Methods
| Method Type | Device / Detail | Registered |
|---|---|---|
| Click Load All to fetch data. | ||
Searching
External & Suspicious Emails (BEC keyword match highlighted)
| Time | Mailbox | From | Subject | Read | Attachment | Flag |
|---|---|---|---|---|---|---|
| Click Load All to fetch data. | ||||||
Inbox Rules
| User | Rule Name | Enabled | Forward To | Deletes Mail | Move To Folder |
|---|---|---|---|---|---|
| Click Load All to fetch data. | |||||
Mailbox Forwarding
| User | SMTP Forwarding | Auto-Reply |
|---|---|---|
| Click Load All to fetch data. | ||
Searching
OneDrive File Activity
| Time | Action | File / Resource | IP |
|---|---|---|---|
| Select a user and click Refresh. | |||
OAuth App Grants
| App Name | Scopes | Consent Type |
|---|---|---|
| Select a user and click Refresh. | ||
Scanning API…
Sign-In Alert Log (auto-classified from sign-in data)
| Detected | Severity | Alert Type | User | IP | Location | Status | Flags |
|---|---|---|---|---|---|---|---|
| Loading… | |||||||