NetworkAccess.ReadWrite.All
Allows the app to read and write all network access information and configuration settings on behalf of the signed-in user.
Merill's Note
For an app to access data in Microsoft Graph, the user or administrator must grant it the permissions it needs. This article lists all the Microsoft Graph APIs and your tenant data that can be accessed by the application (vendor/developer) if you consent to the
NetworkAccess.ReadWrite.Allpermission.If you need to create an audit report of the permissions granted to all the apps in your tenant, you can run the
Export-MsIdAppConsentGrantReportcommand. See How To: Run a quick OAuth app audit of your tenant
| Category | Application | Delegated |
|---|---|---|
| Identifier | b10642fc-a6cf-4c46-87f9-e1f96c2a18aa | ae2df9c5-f18d-4ec4-a51b-bdeb807f177b |
| DisplayText | Read and write all network access information | Read and write all network access information |
| Description | Allows the app to read and write all network access information and configuration settings without a signed-in user. | Allows the app to read and write all network access information and configuration settings on behalf of the signed-in user. |
| AdminConsentRequired | Yes | Yes |
Graph Methods
→ API supports delegated access (access on behalf of a user)
→ API supports app-only access (access without a user)
| Methods |
|---|
→ API supports delegated access (access on behalf of a user)
→ API supports app-only access (access without a user)
| Methods | |
|---|---|
→ Command supports delegated access (access on behalf of a user)
→ Command supports app-only access (access without a user)
| Commands |
|---|
→ Command supports delegated access (access on behalf of a user)
→ Command supports app-only access (access without a user)
| Commands | |
|---|---|
Resources
Granting this permission allows the calling application to access (and/or update) the following information in your tenant.
- association
- bgpConfiguration
- networkaccess-branchconnectivityconfiguration
- networkaccess-branchsite
- conditionalAccessSettings
- connection
- connectionSummary
- crossTenantAccessSettings
- deviceLink
- discoveredApplicationSegmentReport
- enrichedAuditLogs
- enrichedAuditLogsSettings
- filteringPolicy
- filteringProfile
- filteringRule
- forwardingPolicy
- forwardingPolicyLink
- forwardingProfile
- forwardingRule
- fqdnFilteringRule
- m365ForwardingRule
- networkAccessTraffic
- policyLink
- policyRule
- privateAccessForwardingRule
- remoteNetwork
- remoteNetworkConnectivityConfiguration
- remoteNetworkHealthEvent
- ruleDestination
- tunnelConfiguration
- usageProfilingPoint
- webCategoryFilteringRule
Graph reference: association
Graph reference: bgpConfiguration
| Property | Type | Description |
|---|---|---|
| ipAddress | String | Specifies the BGP IP address. |
| localIpAddress | String | Specifies the BGP IP address of peer (Microsoft, in this case). |
| peerIpAddress | String | Specifies the BGP IP address of customer's on-premise VPN router configuration. |
| asn | Int32 | Specifies the ASN of the BGP. |
Graph reference: networkaccess-branchconnectivityconfiguration
| Property | Type | Description |
|---|---|---|
| branchId | String | Unique identifier or a specific reference assigned to a branchSite. Key. |
| branchName | String | Display name assigned to a branchSite. |
| links | microsoft.graph.networkaccess.connectivityConfigurationLink collection | List of connectivity configurations for deviceLink objects. |
Graph reference: networkaccess-branchsite
| Property | Type | Description |
|---|---|---|
| bandwidthCapacity | Int64 | Determines the maximum allowed Mbps (megabits per second) bandwidth from a branch site. The possible values are:250,500,750,1000. |
| connectivityState | microsoft.graph.networkaccess.connectivityState | Determines the branch site status. The possible values are: pending, connected, inactive, error. |
| id | String | Identifier for the branch. Inherited from microsoft.graph.entity. |
| lastModifiedDateTime | DateTimeOffset | last modified time. |
| name | String | Name. |
| region | microsoft.graph.networkaccess.region | Specify the region closest to your remote network. The possible value are: eastUS, eastUS2, westUS, westUS2, westUS3, centralUS, northCentralUS, southCentralUS, northEurope, westEurope, franceCentral, germanyWestCentral, switzerlandNorth, ukSouth, canadaEast, canadaCentral, southAfricaWest, southAfricaNorth, uaeNorth, australiaEast, westCentralUS, centralIndia, southEastAsia, swedenCentral, southIndia, australiaSouthEast, koreaCentral, koreaSouth, polandCentral, brazilSouth, japanEast, japanWest, koreaSouth, italyNorth, franceSouth, israelCentral, unknownFutureValue. |
| version | String | The branch version. |
| country (deprecated) | String | The branch site is created in the specified country. **D |
Graph reference: conditionalAccessSettings
| Property | Type | Description |
|---|---|---|
| id | String | Identifier. Inherited from microsoft.graph.entity. |
| signalingStatus | microsoft.graph.networkaccess.status | When SignalingStatus is enabled, the Conditional Access policy includes zero trust network access information. The possible values are: enabled, disabled. |
Graph reference: connection
| Property | Type | Description |
|---|---|---|
| agentVersion | String | The version of the client that initiated the connection. |
| applicationSnapshot | microsoft.graph.networkaccess.applicationSnapshot | appId (or client ID) of the destination Microsoft Entra application. |
| createdDateTime | DateTimeOffset | The time the connection was created. |
| destinationFqdn | String | The destination FQDN of the connection. |
| destinationIp | String | The destination IP of the connection. |
| destinationPort | Int32 | The destination port of the connection. |
| deviceCategory | microsoft.graph.networkaccess.deviceCategory | The category of the device. The possible values are: client, branch, unknownFutureValue, remoteNetwork. Use the Prefer: include-unknown-enum-members request header to get the following values from this evolvable enum: remoteNetwork. |
| deviceId | String | The DeviceID. |
| deviceOperatingSystem | String | The device operating system type. |
| deviceOperatingSystemVersion | String | The device operating system version. |
| endDateTime | DateTimeOffset | The time the connection was terminated. |
| id | String | The unique identifier for the connection. Inherited from microsoft.graph.entity. |
| initiatingProcessName | String | The process initiating the traffic connection. |
| lastUpdateDateTime | DateTimeOffset | When the connection was last updated. |
| networkProtocol | microsoft.graph.networkaccess.networkingProtocol | The network protocol of the connection. The possible values are: ip, icmp, igmp, ggp, ipv4, tcp, pup, udp, idp, ipv6, ipv6RoutingHeader, ipv6FragmentHeader, ipSecEncapsulatingSecurityPayload, ipSecAuthenticationHeader, icmpV6, ipv6NoNextHeader, ipv6DestinationOptions, nd, raw, ipx, spx, spxII, unknownFutureValue. |
| popProcessingRegion | String | The Point-of-Presence processing region of the traffic. |
| privateAccessDetails | microsoft.graph.networkaccess.privateAccessDetails | Private access details. |
| receivedBytes | Int64 | Accumulative bytes received. |
| sentBytes | Int64 | Accumulative bytes sent. |
| sourceIp | String | The source IP of the connection. |
| sourcePort | Int32 | The source port of the connection. |
| status | microsoft.graph.networkaccess.connectionStatus | Status of the connection. The possible values are: open, active, closed, unknownFutureValue. |
| tenantId | String | The ID of the tenant where the connection was initiated. |
| trafficType | microsoft.graph.networkaccess.trafficType | The type of traffic. The possible values are: internet, private, microsoft365, all, unknownFutureValue, microsoft. Use the Prefer: include-unknown-enum-members request header to get the following values from this evolvable enum: microsoft. |
| transactionBlockCount | Int32 | The number of blocked transactions belonging to the connection. |
| transactionCount | Int32 | The number of transactions belonging to the connection. |
| transportProtocol | microsoft.graph.networkaccess.networkingProtocol | The transport protocol of the connection. The possible values are: ip, icmp, igmp, ggp, ipv4, tcp, pup, udp, idp, ipv6, ipv6RoutingHeader, ipv6FragmentHeader, ipSecEncapsulatingSecurityPayload, ipSecAuthenticationHeader, icmpV6, ipv6NoNextHeader, ipv6DestinationOptions, nd, raw, ipx, spx, spxII, unknownFutureValue. |
| userId | String | The user ID. |
| userPrincipalName | String | The principal name of the user. |
Graph reference: connectionSummary
| Property | Type | Description |
|---|---|---|
| totalCount | Int32 | Total number of connections for the specified traffic type. |
| trafficType | microsoft.graph.networkaccess.trafficType | The type of network traffic these connections represent. The possible values are: internet, private, microsoft365, all, unknownFutureValue. |
Graph reference: crossTenantAccessSettings
| Property | Type | Description |
|---|---|---|
| id | String | Identifier. Inherited from microsoft.graph.entity. |
| networkPacketTaggingStatus | microsoft.graph.networkaccess.status | Determines if a header with the user tenant ID is inserted into the network traffic. .The possible values are: enabled, disabled. |
Graph reference: deviceLink
| Property | Type | Description |
|---|---|---|
| bgpConfiguration | microsoft.graph.networkaccess.bgpConfiguration | The border gateway protocol specifies the Border Gateway Protocol (BGP) IP address and ASN for directing traffic from a link to the edge. |
| bandwidthCapacityInMbps | Int64 | Determines the maximum allowed Mbps (megabits per second) bandwidth from a device link. The possible values are:250,500,750,1000. |
| deviceVendor | microsoft.graph.networkaccess.deviceVendor | Specifies the manufacturer of the deviceLink. The possible values are: barracudaNetworks, checkPoint, ciscoMeraki, citrix, fortinet, hpeAruba, netFoundry, nuage, openSystems, paloAltoNetworks, riverbedTechnology, silverPeak, vmWareSdWan, versa, other. |
| id | String | Identifier. Inherited from microsoft.graph.entity. |
| ipAddress | String | The public IP address of your CPE (customer premise equipment) device. |
| lastModifiedDateTime | DateTimeOffset | last modified time. |
| name | String | Name. |
| tunnelConfiguration | microsoft.graph.networkaccess.tunnelConfiguration | The connectivity settings, including the protocol, IPSec policy, and preshared key, are specified for establishing connectivity. |
| version | String | Version. |
Graph reference: discoveredApplicationSegmentReport
| Property | Type | Description |
|---|---|---|
| accessType | microsoft.graph.networkaccess.accessType | The type of access used to connect to this application segment. The possible values are: quickAccess, privateAccess, unknownFutureValue, appAccess. Use the Prefer: include-unknown-enum-members request header to get the following values from this evolvable enum: appAccess. |
| deviceCount | Int32 | The number of unique devices that have accessed this application segment. |
| discoveredApplicationSegmentId | String | The unique identifier for this discovered application segment. |
| firstAccessDateTime | DateTimeOffset | The date and time when this application segment was first accessed. |
| fqdn | String | The fully qualified domain name associated with this application segment. |
| ip | String | The IP address associated with this application segment. |
| lastAccessDateTime | DateTimeOffset | The date and time when this application segment was last accessed. |
| port | Int32 | The port number used to access this application segment. |
| totalBytesReceived | Int64 | The total number of bytes received from this application segment. |
| totalBytesSent | Int64 | The total number of bytes sent to this application segment. |
| transactionCount | Int32 | The number of transactions recorded for this application segment. |
| transportProtocol | microsoft.graph.networkaccess.networkingProtocol | The transport protocol used to access this application segment. The possible values are: ip, icmp, igmp, ggp, ipv4, tcp, pup, udp, idp, ipv6, ipv6RoutingHeader, ipv6FragmentHeader, ipSecEncapsulatingSecurityPayload, ipSecAuthenticationHeader, icmpV6, ipv6NoNextHeader, ipv6DestinationOptions, nd, raw, ipx, spx, spxII, unknownFutureValue. |
| userCount | Int32 | The number of unique users who have accessed this application segment. |
Graph reference: enrichedAuditLogs
| Property | Type | Description |
|---|---|---|
| exchange | microsoft.graph.networkaccess.enrichedAuditLogsSettings | Exchange Online enriched audit logs settings. |
| id | String | Id Inherited from microsoft.graph.entity. |
| sharepoint | microsoft.graph.networkaccess.enrichedAuditLogsSettings | SharePoint Online enriched audit logs settings. |
| teams | microsoft.graph.networkaccess.enrichedAuditLogsSettings | Teams enriched audit logs settings. |
Graph reference: enrichedAuditLogsSettings
| Property | Type | Description |
|---|---|---|
| status | microsoft.graph.networkaccess.status | Define the current status of the enrichment feature for a particular workload. The possible values are: enabled, disabled, unknownFutureValue. |
Graph reference: filteringPolicy
| Property | Type | Description |
|---|---|---|
| createdDateTime | DateTimeOffset | The date and time when the filtering Policy was originally created. |
| description | String | A description of the filtering policy. Inherited from microsoft.graph.networkaccess.policy. |
| id | String | The identifier for the filtering policy. Inherited from microsoft.graph.entity. |
| lastModifiedDateTime | DateTimeOffset | The date and time when a particular profile was last modified or updated. |
| name | String | The display name for the filtering policy. Inherited from microsoft.graph.networkaccess.policy. |
Graph reference: filteringProfile
| Property | Type | Description |
|---|---|---|
| createdDateTime | DateTimeOffset | The date and time when the filteringProfile was created. |
| description | String | A description of the filtering profile. Inherited from microsoft.graph.networkaccess.profile. |
| id | String | The distinct identifier that is assigned to a specific profile. Inherited from microsoft.graph.entity. |
| lastModifiedDateTime | DateTimeOffset | The date and time when a particular profile was last modified or updated. Inherited from microsoft.graph.networkaccess.profile. |
| name | String | The name of the profile. Inherited from microsoft.graph.networkaccess.profile. |
| priority | Int64 | The priority used to order the profile for processing within a list. |
| state | microsoft.graph.networkaccess.status | The profile state. Inherited from microsoft.graph.networkaccess.profile. The possible values are: enabled, disabled. |
Graph reference: filteringRule
| Property | Type | Description |
|---|---|---|
| destinations | microsoft.graph.networkaccess.ruleDestination collection | Possible destinations and types of destinations accessed by the user in accordance with the network filtering policy, such as IP addresses and FQDNs/URLs. |
| id | String | A unique ID for the rule. Inherited from microsoft.graph.networkaccess.policyRule. |
| name | String | The display name of the rule. Inherited from microsoft.graph.networkaccess.policyRule. |
| ruleType | microsoft.graph.networkaccess.networkDestinationType | The rule types that specify the basis for filtering. The possible values are: url, fqdn, ipAddress, ipRange, ipSubnet, and webCategory. |
Graph reference: forwardingPolicy
| Property | Type | Description |
|---|---|---|
| description | String | Forwarding policy description. Inherited from microsoft.graph.networkaccess.policy. |
| id | String | Identifier for the forwarding policy. Inherited from microsoft.graph.entity. |
| name | String | Forwarding policy name. Inherited from microsoft.graph.networkaccess.policy. |
| trafficForwardingType | microsoft.graph.networkaccess.trafficForwardingType | Traffic type for forwarding policy. The possible values are: m365, internet, private. |
| version | String | Forwarding policy version. Inherited from microsoft.graph.networkaccess.policy. |
Graph reference: forwardingPolicyLink
| Property | Type | Description |
|---|---|---|
| id | String | Unique identifier. Inherited from microsoft.graph.entity. |
| state | microsoft.graph.networkaccess.status | Link Status. Inherited from microsoft.graph.networkaccess.policyLink. The possible values are: enabled, disabled. |
| version | String | Version number. Inherited from microsoft.graph.networkaccess.policyLink. |
Graph reference: forwardingProfile
| Property | Type | Description |
|---|---|---|
| associations | microsoft.graph.networkaccess.association collection | Specifies the users, groups, devices, and remote networks whose traffic is associated with the given traffic forwarding profile. |
| description | String | Profile description. Inherited from microsoft.graph.networkaccess.profile. |
| id | String | Identifier for the profile. Inherited from microsoft.graph.entity. |
| lastModifiedDateTime | DateTimeOffset | Profile last modified time. Inherited from microsoft.graph.networkaccess.profile. |
| name | String | Profile name. Inherited from microsoft.graph.networkaccess.profile. |
| priority | Int32 | Profile priority. |
| state | microsoft.graph.networkaccess.status | Determines whether the profile is active or inactive. Inherited from microsoft.graph.networkaccess.profile. The possible values are: enabled, disabled. |
| trafficForwardingType | microsoft.graph.networkaccess.trafficForwardingType | Profile traffic type. The possible values are: m365, internet, private. |
| version | String | Version. |
Graph reference: forwardingRule
| Property | Type | Description |
|---|---|---|
| action | microsoft.graph.networkaccess.forwardingRuleAction | The action to apply to traffic. The possible values are: bypass, forward, unknownFutureValue. |
| destinations | microsoft.graph.networkaccess.ruleDestination collection | Destinations maintain a list of potential destinations and destination types that the user may access within the context of a network filtering policy. This includes IP addresses and fully qualified domain names (FQDNs)/URLs. |
| id | String | Identifier. Inherited from microsoft.graph.entity. |
| name | String | Name. Inherited from microsoft.graph.networkaccess.policyRule. |
| ruleType | microsoft.graph.networkaccess.networkDestinationType | The network destination type used by a URL filtering policy is defined, which can include types such as IP (Internet Protocol) or FQDN (Fully Qualified Domain Name). The possible values are: url, fqdn, ipAddress, ipRange, ipSubnet. |
Graph reference: fqdnFilteringRule
| Property | Type | Description |
|---|---|---|
| destinations | microsoft.graph.networkaccess.ruleDestination collection | The list of potential destinations and destination types that the user may access, including FQDNs and web categories, within the context of a network filtering policy. Inherited from microsoft.graph.networkaccess.filteringRule. |
| id | String | The unique identifier for the fqdnFilteringRule. Inherited from microsoft.graph.networkaccess.filteringRule. |
| name | String | Display name. Inherited from microsoft.graph.networkaccess.filteringRule. |
| ruleType | microsoft.graph.networkaccess.networkDestinationType | The network destination type used by a filtering rule. Supports a subset of the values for **n |
Graph reference: m365ForwardingRule
| Property | Type | Description |
|---|---|---|
| action | microsoft.graph.networkaccess.forwardingRuleAction | The action applies to traffic. The possible values are: bypass, forward. |
| category | microsoft.graph.networkaccess.forwardingCategory | Defines the category of Office 365 traffic used by a forwarding rule for Microsoft 365 traffic (for example, optimized traffic). The possible values are: default, optimized, allow. |
| destinations | microsoft.graph.networkaccess.ruleDestination collection | destinations à Maintains the list of potential destinations and destination types that the user could be accessing in the context of a forwarding policy, including IPs and FQDNs/URLs Inherited from microsoft.graph.networkaccess.forwardingRule. |
| ID | String | Identifier. Inherited from microsoft.graph.entity. |
| name | String | Name. Inherited from microsoft.graph.networkaccess.policyRule. |
| ports | String collection | The port(s) used by a forwarding rule for Microsoft 365 traffic are specified to determine the specific network port(s) through which the Microsoft 365 traffic is directed and forwarded. |
| protocol | microsoft.graph.networkaccess.networkingProtocol | Defines the networking protocol type used by a forwarding rule for Microsoft 365 traffic. The possible values are: ip, icmp, igmp, ggp, ipv4, tcp, pup, udp, idp, ipv6, ipv6RoutingHeader, ipv6FragmentHeader, ipSecEncapsulatingSecurityPayload, ipSecAuthenticationHeader, icmpV6, ipv6NoNextHeader, ipv6DestinationOptions, nd, raw, ipx, spx, spxII |
| ruleType | microsoft.graph.networkaccess.networkDestinationType | Destination Type. Inherited from microsoft.graph.networkaccess.forwardingRule. The possible values are: url, fqdn, ipAddress, ipRange, ipSubnet, webCategory. |
Graph reference: networkAccessTraffic
| Property | Type | Description |
|---|---|---|
| action | microsoft.graph.networkaccess.filteringPolicyAction | Indicates the action taken based on filtering policies. The possible values are: block, allow, unknownFutureValue, bypass, alert. Use the Prefer: include-unknown-enum-members request header to get the following values from this {evolvable enum}(/graph/best-practices-concept#handling-future-members-in-evolvable-enumerations): bypass , alert. |
| agentVersion | String | Represents the version of the Global Secure Access (GSA) client agent software. Supports $filter (eq) and $orderby. |
| applicationSnapshot | microsoft.graph.networkaccess.applicationSnapshot | Destination Application ID accessed in Azure AD during the transaction. Supports $filter (eq) and $orderby. |
| connectionId | String | Represents a unique identifier assigned to a connection. Supports $filter (eq) and $orderby. |
| createdDateTime | DateTimeOffset | Represents the date and time when a network access traffic log entry was created. Supports $filter (eq) and $orderby. |
| description | String | Informational error message. For example: "Threat intelligence detected a transaction and triggered an alert." or "The Global Secure Access (GSA) policy blocked the destination and triggered an alert." Supports $filter (eq) and $orderby. |
| destinationFQDN | String | Represents the Fully Qualified Domain Name (FQDN) of the destination host or server in a network communication. Supports $filter (eq) and $orderby. |
| destinationIp | String | Represents the IP address of the destination host or server in a network communication. Supports $filter (eq) and $orderby. |
| destinationPort | Int32 | Represents the network port number on the destination host or server in a network communication. Supports $filter (eq) and $orderby. |
| destinationUrl | String | Represents the URL of the destination in a network communication. Supports $filter (eq) and $orderby. |
| destinationWebCategory | microsoft.graph.networkaccess.webCategory | The destination FQDN's Web Category (e.g., Gambling). Supports $filter (eq) and $orderby. |
| deviceCategory | microsoft.graph.networkaccess.deviceCategory | Represents the category classification of a device within a network infrastructure. The possible values are: client, branch, unknownFutureValue. Supports $filter (eq) and $orderby. |
| deviceId | String | Represents a unique identifier assigned to a device within a network infrastructure. Supports $filter (eq) and $orderby. |
| deviceOperatingSystem | String | Represents the operating system installed on a device within a network infrastructure. Supports $filter (eq) and $orderby. |
| deviceOperatingSystemVersion | String | Represents the version or release number of the operating system installed on a device within a network infrastructure. Supports $filter (eq) and $orderby. |
| filteringProfileId | String | The ID of the Filtering Profile associated with the action performed on traffic. Supports $filter (eq) and $orderby. |
| filteringProfileName | String | The name of the Filtering Profile associated with the action performed on traffic. Supports $filter (eq) and $orderby. |
| headers | microsoft.graph.networkaccess.headers | Represents the headers included in a network request or response. Supports $filter (eq) and $orderby. |
| httpMethod | microsoft.graph.networkaccess.httpMethod | The HTTP method inspected in the intercepted HTTP traffic. Supports $filter (eq) and $orderby. |
| initiatingProcessName | String | The process initiating the traffic transaction. Supports $filter (eq) and $orderby. |
| networkProtocol | microsoft.graph.networkaccess.networkingProtocol | Represents the networking protocol used for communication. The possible values are: ip, icmp, igmp, ggp, ipv4, tcp, pup, udp, idp, ipv6, ipv6RoutingHeader, ipv6FragmentHeader, ipSecEncapsulatingSecurityPayload, ipSecAuthenticationHeader, icmpV6, ipv6NoNextHeader, ipv6DestinationOptions, nd, raw, ipx, spx, spxII, unknownFutureValue. Supports $filter (eq) and $orderby. |
| operationStatus | microsoft.graph.networkaccess.networkTrafficOperationStatus | Indication if traffic was successfully processed. The possible values are: success, failure, unknownFutureValue. Supports $filter (eq) and $orderby. |
| policyId | String | Represents a unique identifier assigned to a policy. Supports $filter (eq) and $orderby. |
| policyName | String | The name of the filtering policy associated with the action performed on traffic. Supports $filter (eq) and $orderby. |
| policyRuleId | String | Represents a unique identifier assigned to a policy rule. Supports $filter (eq) and $orderby. |
| policyRuleName | String | The name of the rule associated with the action performed on traffic. Supports $filter (eq) and $orderby. |
| popProcessingRegion | String | The Point-of-Presence processing region of the traffic. Supports $filter (eq) and $orderby. |
| privateAccessDetails | microsoft.graph.networkaccess.privateAccessDetails | Details about private access traffic. Supports $filter (eq) and $orderby. |
| receivedBytes | Int64 | Represents the total number of bytes received in a network communication or data transfer. Supports $filter (eq) and $orderby. |
| remoteNetworkId | String | The ID from which traffic was sent or received, providing visibility into the origin of the traffic. Supports $filter (eq) and $orderby. |
| resourceTenantId | String | Tenant ID that owns the resource. Supports $filter (eq) and $orderby. |
| responseCode | Int32 | The HTTP response code inspected in the intercepted HTTP traffic. Supports $filter (eq) and $orderby. |
| sentBytes | Int64 | Represents the total number of bytes sent in a network communication or data transfer. Supports $filter (eq) and $orderby. |
| sessionId | String | Represents a unique identifier assigned to a session or connection within a network infrastructure. Supports $filter (eq) and $orderby. |
| sourceIp | String | Represents the source IP address in a network communication. Supports $filter (eq) and $orderby. |
| sourcePort | Int32 | Represents the network port number on the source host or device in a network communication. Supports $filter (eq) and $orderby. |
| tenantId | String | Represents a unique identifier assigned to a tenant within a network infrastructure. Supports $filter (eq) and $orderby. |
| threatType | String | The type of threat detected in the traffic. Supports $filter (eq) and $orderby. |
| trafficType | microsoft.graph.networkaccess.trafficType | Represents the type or category of network traffic. The possible values are: internet, private, microsoft365, all, unknownFutureValue. Supports $filter (eq) and $orderby. |
| transactionId | String | Represents a unique identifier assigned to a specific transaction or operation. Key. Supports $filter (eq) and $orderby. |
| transportProtocol | microsoft.graph.networkaccess.networkingProtocol | Represents the transport protocol used for communication. The possible values are: ip, icmp, igmp, ggp, ipv4, tcp, pup, udp, idp, ipv6, ipv6RoutingHeader, ipv6FragmentHeader, ipSecEncapsulatingSecurityPayload, ipSecAuthenticationHeader, icmpV6, ipv6NoNextHeader, ipv6DestinationOptions, nd, raw, ipx, spx, spxII, unknownFutureValue. Supports $filter (eq) and $orderby. |
| userId | String | Represents a unique identifier assigned to a user. Supports $filter (eq) and $orderby. |
| userPrincipalName | String | Represents the user principal name (UPN) associated with a user. Supports $filter (eq) and $orderby. |
| vendorNames | Collection(String) | The name of the vendors who detected the threat. Supports $filter (eq) and $orderby. |
Graph reference: policyLink
| Property | Type | Description |
|---|---|---|
| id | String | Identifier. Inherited from microsoft.graph.entity. |
| state | microsoft.graph.networkaccess.status | Link status. The possible values are: enabled, disabled. |
| version | String | Version. |
Graph reference: policyRule
| Property | Type | Description |
|---|---|---|
| id | String | The unique identifier for the rule. Inherited from microsoft.graph.entity. |
| name | String | Name. |
Graph reference: privateAccessForwardingRule
| Property | Type | Description |
|---|---|---|
| action | microsoft.graph.networkaccess.forwardingRuleAction | The action applies to traffic. The possible values are: bypass, forward. |
| destinations | microsoft.graph.networkaccess.ruleDestination collection | maintains the list of potential destinations and destination types that the user could be accessing in the context of a forwarding policy, including IPs and FQDNs/URLs Inherited from microsoft.graph.networkaccess.forwardingRule. |
| id | String | Identifier. Inherited from microsoft.graph.entity. |
| name | String | Name. Inherited from microsoft.graph.networkaccess.policyRule. |
| ruleType | microsoft.graph.networkaccess.networkDestinationType | Destination Type. Inherited from microsoft.graph.networkaccess.forwardingRule. The possible values are: url, fqdn, ipAddress, ipRange, ipSubnet |
Graph reference: remoteNetwork
| Property | Type | Description |
|---|---|---|
| id | String | Identifier for the remote network. Inherited from microsoft.graph.entity. |
| lastModifiedDateTime | DateTimeOffset | last modified time. |
| name | String | Name. |
| region | microsoft.graph.networkaccess.region | Specify the region closest to your remote network. The possible value are: eastUS, eastUS2, westUS, westUS2, westUS3, centralUS, northCentralUS, southCentralUS, northEurope, westEurope, franceCentral, germanyWestCentral, switzerlandNorth, ukSouth, canadaEast, canadaCentral, southAfricaWest, southAfricaNorth, uaeNorth, australiaEast, westCentralUS, centralIndia, southEastAsia, swedenCentral, southIndia, australiaSouthEast, koreaCentral, koreaSouth, polandCentral, brazilSouth, japanEast, japanWest, koreaSouth, italyNorth, franceSouth, israelCentral, unknownFutureValue. |
| version | String | Remote network version. |
Graph reference: remoteNetworkConnectivityConfiguration
| Property | Type | Description |
|---|---|---|
| remoteNetworkId | String | Unique identifier or a specific reference assigned to a branchSite. Key. |
| remoteNetworkName | String | Display name assigned to a branchSite. |
Graph reference: remoteNetworkHealthEvent
| Property | Type | Description |
|---|---|---|
| bgpRoutesAdvertisedCount | Int32 | The number of BGP routes advertised through tunnel. |
| createdDateTime | DateTimeOffset | The time of the original event generation in UTC. Supports $filter (ge, le) and $orderby. |
| description | String | The description of the event. |
| destinationIp | String | The IP address of the destination. |
| id | String | A unique identifier for each remoteNetworkHealthEvent. |
| remoteNetworkId | String | A unique identifier for each remoteNetwork site. Supports $filter (eq). |
| sourceIp | String | The public IP address. |
| status | microsoft.graph.networkaccess.remoteNetworkStatus | The status of the remote network. The possible values are: tunnelDisconnected, tunnelConnected, bgpDisconnected, bgpConnected, remoteNetworkAlive, unknownFutureValue. |
| sentBytes | Int64 | The number of bytes sent from the source to the destination for the connection or session. |
| receivedBytes | Int64 | The number of bytes sent from the destination to the source. |
Graph reference: ruleDestination
Graph reference: tunnelConfiguration
| Property | Type | Description |
|---|---|---|
| preSharedKey | String | A key to establish secure connection between the link and VPN tunnel on the edge. |
| zoneRedundancyPreSharedKey | String | Another key for zone redundant tunnel. Required only when you select zoneRedundancy redindancyTier when creating a deviceLink. |
Graph reference: usageProfilingPoint
| Property | Type | Description |
|---|---|---|
| internetAccessTrafficCount | Int64 | The count of traffic requests directed to general internet destinations. |
| microsoft365AccessTrafficCount | Int64 | The count of traffic requests directed to Microsoft 365 services. |
| microsoftAccessTrafficCount | Int64 | The count of traffic requests directed to Microsoft services excluding Microsoft 365. |
| privateAccessTrafficCount | Int64 | The count of traffic requests directed to internal private network destinations. |
| timeStampDateTime | DateTimeOffset | The date and time of this data point. |
| totalTrafficCount | Int64 | The total count of all traffic requests across all access types. |
Graph reference: webCategoryFilteringRule
| Property | Type | Description |
|---|---|---|
| destinations | microsoft.graph.networkaccess.ruleDestination collection | The list of potential destinations and destination types that the user may access, including fully qualified domain names (FQDNs) and web categories, within the context of a network filtering policy. Inherited from microsoft.graph.networkaccess.filteringRule. |
| id | String | The unique identifier for the webCategoryFilteringRule. Inherited from microsoft.graph.networkaccess.filteringRule. |
| name | String | Display name. Inherited from microsoft.graph.networkaccess.filteringRule. |
| ruleType | microsoft.graph.networkaccess.networkDestinationType | The network destination type used by a filtering rule. Supports a subset of the values for **n |