Under the email collaboration in Defender365, there are a set of reports that report things such as malware detected in emails, spam blocks, etc... that I'd like to pull that aren't available on the two APIs https://api.security.microsoft.com/api/incidents or https://api.security.microsoft.com/api/alerts.
Is anyone aware of an API with which I can pull this raw data so that I can use it in my already existing data visualization tools? Much appreciated,.
I tried using the existing APIs but they didn't come back with the intended results and the documentation doesn't seem to point to where one can find this.
You may find something here: https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/management-apis?view=o365-worldwide Although I will say that after a quick skim, it doesn't seem that Microsoft exposes that data. Microsoft documentation surrounding this API also seems to be lacking. They will hopefully update it in the next few months as they feel the squeeze from their customers as they deprecate other modules/APIs.