Educause Security Discussion mailing list archives

REN-ISAC TAG Service Announcement: O365 Community Scripts Repository


From: "Manjak, Martin" <mmanjak () ALBANY EDU>
Date: Mon, 28 Jan 2019 20:45:38 +0000

Greetings Everyone;

The Technical Advisory Group (TAG), a standing REN-ISAC committee[1], is very pleased to announce a new service: A 
public GitHub repository[2] of member-contributed O365 scripts for security incident analysis and response.

In addition to the scripts, here's some of the information you will find on the site:

  o A description of the different types of O365 logs available by license tier.
  o How and what tools can be used to pull those logs.
  o How to export those logs to external tools (e.g., SIEM).
  o A collection of tested, production scripts from REN-ISAC members.

This project is intended to encourage further community-of-practice collaborations and contributions (e.g., a GAFE 
repository) to sustain and increase the value of this open source resource.

Participation
Contributions are welcome, whether new scripts, documentation, or improvements to existing work. Refer to 
CONTRIBUTING.md[3] for details.

Scripts currently published include:
  + MessageTraceLogGatherer
  + O365_Clear_Forwarding
  + O365_Find_Forwarding_Duplicates
  + O365_Get_InboxRules
  + O365_Get_Last_PW_Reset
  + O365_Get_Mailbox_Forwarding
  + O365_Get_Message_Trace

Feedback and Proposals
Please share your thoughts about this service offering and submit proposals for similar projects via
tag-comment () lists ren-isac net.
======================

[1] https://www.ren-isac.net/about/governance/tag.html

[2] https://github.com/renisac/O365-Management-and-Log-Scripts

[3] https://github.com/renisac/O365-Management-and-Log-Scripts/blob/master/CONTRIBUTING.md


Martin Manjak, CISSP
Chief Information Security Officer
Information Technology Services
University at Albany
1400 Washington Ave., ITB 102F
Albany, NY 12222
518/442-6411
mmanjak () albany edu

