DLP_Alert:__Sensitive_information_message_was_sent_Office 365_Exchange

Alert

DLP: Sensitive information message was sent (DlpRuleMatch)

SK4 unified event:
Connector/Service

Office 365/Exchange

SK4 Version:

2.3.105

Created Date:

Mon Jan 21 2019 15:57:37 GMT+0000 (Coordinated Universal Time)

Last Update:

Tue Jun 18 2019 11:12:09 GMT+0000 (Coordinated Universal Time)

Category

Security Alert

Description

A security alert has been detected. A message was sent by email from an internal email address to an external email address.

Search query

cef_vendor="skyformation" cef_name="security-threat-detected" destinationServiceName="Office 365" sourceServiceName="Exchange" fileType="message" act="send-mail" dpriv="DLP"

Parsed CEF
Unparsed raw data

Expand to see an example...

Audit sources