Tornado Collectors
Microsoft Office 365 (O365)
Section titled “Microsoft Office 365 (O365)”Mail Data
- Mail Collection: Collects users’ emails, including sent, received, and stored messages, to analyze communication patterns and user preferences.
Entra Data
- Entra Sign-In Logs: Detailed logs of user sign-in activities, including timestamps, IP addresses, device information, and authentication status, for monitoring and analyzing access behavior.
- Entra Audit Logs: Records of administrative actions and configuration changes within the Microsoft Entra environment, providing insights into system modifications and security settings.
Google Workspace (GWS)
Section titled “Google Workspace (GWS)”Mail Data
Section titled “Mail Data”- Mail Collection: This feature collects users’ emails, including sent, received, and stored messages, to analyze communication patterns and preferences.
- Email History Information: Provides detailed records of sent and received emails.
- Label Usage Information: Tracks how users organize their emails using labels.
- Email Settings Information: Captures email account settings, including signatures, filters, and auto-responders.
Drive Activities
Section titled “Drive Activities”- Drive Usage Activities: This feature tracks activities on Google Drive, such as file sharing, editing, and viewing history.
Reports Data
Section titled “Reports Data”- Access Transparency Reports: Logs of access actions performed through Google’s systems for transparency.
- Admin Activity Reports: Records of admin actions and activities.
- Calendar Usage Reports: Provides data on Google Calendar usage and event details.
- Chat Messaging Data: Analyzes user interactions and messaging habits in Google Chat.
- Browser Usage Reports: Tracks activity and usage data from the Chrome browser.
- Context-Aware Access Reports: Reports on conditional access settings, such as device or location-based access.
- Data Studio Reports: Visualizations and insights created using Google Data Studio.
- Drive Storage Reports: General reports on storage usage and file-sharing activities in Google Drive.
- Google Cloud Platform Usage Reports: Logs of usage and activity on Google Cloud Platform (GCP).
- Google+ Usage History: Historical data for the discontinued Google+ service.
- Group Usage Information: Data on usage and interactions in Google Groups.
- Enterprise Group Usage Reports: Advanced insights into enterprise-level group usage.
- Jamboard Activity Information: Tracks activities related to Jamboard devices and software.
- Keep Notes Information: Analyzes note-taking and list management habits in Google Keep.
- User Login Reports: Logs of user account login and logout activities.
- Google Meet Meeting Reports: Participation and usage details for Google Meet meetings.
- Mobile Usage Reports: Usage data for Google Workspace applications on mobile devices.
- Policy and Rules Reports: Tracks policies and rules applied in Google Workspace.
- SAML Authentication Reports: Logs of SAML-based authentication processes.
- Token Usage Reports: Insights into OAuth tokens and their activities.
- User Account Reports: General reports on user accounts.
- Archive and Data Retention Reports: Insights into Google Vault usage for archiving and data retention.
Admin Data
Section titled “Admin Data”- Chrome OS Device Information: Management data for Chrome OS devices.
- Mobile Device Management Information: Tracks data from mobile device management (MDM) systems.
- Role Definition Information: Details roles and permissions within Google Workspace.
- Role Assignment Information: Tracks roles and responsibilities assigned to users.
- User Information: Provides detailed information about user accounts and profiles.
- Domain Management Information: Logs of domains defined under Google Workspace.