AZT202 - Password Spraying#
An adversary may potentially gain access to AzureAD by guessing a common password for multiple users.
Azure Active Directory
|Data Source||Application||Resource||Log Provider|
|Azure Active Directory||Azure Portal||Windows Azure Service Management API||SignInLogs|
|Azure Active Directory||Microsoft Azure PowerShell||Windows Azure Service Management API||SignInLogs|
The main difference between a successful and unsuccessful login is the 'Status' field, which will designate a "Success" or "Failure".
Azure Monitor Alert#