This post is part of a series where we will be using the Log Analytics workspace to store Office 365 information which will then be used to create a dashboard. We will first create the Log Analytics workspace in Azure, then create an app registration in Azure Active Directory, then a Runbook using Automation Accounts to upload data to the Log Analytics workspace and lastly we will be building a dashboard in the Log Analytics workspace.

The following posts are part of these series:

Registering an app in Azure Active Directory

We are going to register an app in Azure Active Directory which we will use to collect the necessary data. We can then connect to the Office 365 API or Graph API using this app. First browse to the Azure Active Directory on the tenant where you want to collect the data from. You can also use the direct link https://aad.portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/RegisteredApps

SNAGHTML6a6e18

Click on ‘New registration’

SNAGHTML6b4761

Fill in the required information and click on ‘Register’

SNAGHTML6c376e

Go to ‘API permissions’

SNAGHTML6ce784

Remove any permission that is not needed for this app.
Note: Only grant the least amount of privilege for this app.

SNAGHTML6ebacd

I’ve added ServiceHealth.Read for the Office 365 status and Organization.Read.All for the subscriptions information.
Next go to ‘Certificates & Secrets’ as we will be using the secret to connect to this app.

SNAGHTML708ed1

Note: You will only see the value after creating a new secret but you can create a new secret if you lost the value.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.