Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Microsoft Edge for Business Reporting Connectors enable admins to gain insights into browser-based security events with a direct Connection between Edge for Business and your preferred security solution
Security Events
The following security events can be enabled in a reporting Connector:
| Event Value | Event Description |
|---|---|
| Browser crash | Browser or tab crashed (only reported when device-level reporting is available). |
| Browser extension install | Extensions are installed, updated, or removed. |
| Malware transfer (download) | Download blocked by SmartScreen, or download block bypassed/opened by user. |
| Unsafe site visit | SmartScreen blocking page is shown or bypassed. |
| URL filtering interstitial | Web Content Filtering interstitial is shown (can be from SmartScreen's E5/MCAS or Edge management). |
| Content transfer | This event will be enabled after V1 of the reporting connector launch. |
| Content unscanned | Content failed to scan for DLP (requires Analysis connector to be configured). |
| Sensitive data transfer | Content marked as sensitive by DLP scan (requires Analysis connector to be configured). |
| Password changed | A password is changed in response to a password reuse warning. |
| Password reuse | A password is detected as reused between an enterprise account and an account on an external site. |
| Login | A sign-in to a ___domain in the specified list is successful. |
| Password breach | A password is detected as compromised as part of a known data breach. |
Reporting Providers
| Connector | Documentation Link |
|---|---|
| Splunk | Set up a Splunk Reporting Connector |
| Devicie | Set up a Devicie Reporting Connector |
| Crowdstrike | Set up a Crowdstrike Reporting Connector |
| KnowBe4 | Set up a KnowBe4 Reporting Connector |