AADSignInEventsBeta

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊

↑ Back to Tables Index

---

Defender XDR Only: This table is available in Microsoft Defender XDR advanced hunting but is not available in the Azure Monitor Log Analytics table reference.

Microsoft Entra interactive and non-interactive sign-ins

Attribute	Value
Category	Entra
Ingestion API Supported	✗ No
Defender XDR Advanced Hunting Schema	View Documentation

Solutions (1)

This table is used by the following solutions:

• Microsoft Defender XDR

---

Content Items Using This Table (6)

Hunting Queries (6)

In solution Microsoft Defender XDR:

Hunting Query	Selection Criteria
Automated email notifications and suspicious sign-in activity
Files share contents and suspicious sign-in activity

GitHub Only:

Hunting Query	Selection Criteria
Email containing malware accessed on a unmanaged device
Possible device code phishing attempts
Risky sign-in attempt from a non-managed device
Suspicious sign-in attempts from QR code phishing campaigns

---

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊

↑ Back to Tables Index