We've had Wazuh pulling Office 365 logs for a while now but last month we updated the list of bad passwords and were wondering how many people we might have tripped up with that change.
We reached into Wazuh only to find out that "Self-service Password Management" wasn't being pulled into wazuh only the final change that happened at 6:31:10 AM:
Is this a limit of MS Graph or Wazuh? ossec-alerts-28.log don't show these events in the orange box.