Tornado Collectors

Microsoft Office 365 (O365)

Mail Data

• Mail Collection: Collects users' emails, including sent, received, and stored messages, to analyze communication patterns and user preferences.

Entra Data

• Entra Sign-In Logs: Detailed logs of user sign-in activities, including timestamps, IP addresses, device information, and authentication status, for monitoring and analyzing access behavior.

• Entra Audit Logs: Records of administrative actions and configuration changes within the Microsoft Entra environment, providing insights into system modifications and security settings.

Google Workspace (GWS)

Mail Data

• Mail Collection: This feature collects users' emails, including sent, received, and stored messages, to analyze communication patterns and preferences.

• Email History Information: Provides detailed records of sent and received emails.

• Label Usage Information: Tracks how users organize their emails using labels.

• Email Settings Information: Captures email account settings, including signatures, filters, and auto-responders.

Drive Activities

• Drive Usage Activities: This feature tracks activities on Google Drive, such as file sharing, editing, and viewing history.

Reports Data

• Access Transparency Reports: Logs of access actions performed through Google's systems for transparency.

• Admin Activity Reports: Records of admin actions and activities.

• Calendar Usage Reports: Provides data on Google Calendar usage and event details.

• Chat Messaging Data: Analyzes user interactions and messaging habits in Google Chat.

• Browser Usage Reports: Tracks activity and usage data from the Chrome browser.

• Context-Aware Access Reports: Reports on conditional access settings, such as device or location-based access.

• Data Studio Reports: Visualizations and insights created using Google Data Studio.

• Drive Storage Reports: General reports on storage usage and file-sharing activities in Google Drive.

• Google Cloud Platform Usage Reports: Logs of usage and activity on Google Cloud Platform (GCP).

• Google+ Usage History: Historical data for the discontinued Google+ service.

• Group Usage Information: Data on usage and interactions in Google Groups.

• Enterprise Group Usage Reports: Advanced insights into enterprise-level group usage.

• Jamboard Activity Information: Tracks activities related to Jamboard devices and software.

• Keep Notes Information: Analyzes note-taking and list management habits in Google Keep.

• User Login Reports: Logs of user account login and logout activities.

• Google Meet Meeting Reports: Participation and usage details for Google Meet meetings.

• Mobile Usage Reports: Usage data for Google Workspace applications on mobile devices.

• Policy and Rules Reports: Tracks policies and rules applied in Google Workspace.

• SAML Authentication Reports: Logs of SAML-based authentication processes.

• Token Usage Reports: Insights into OAuth tokens and their activities.

• User Account Reports: General reports on user accounts.

• Archive and Data Retention Reports: Insights into Google Vault usage for archiving and data retention.

Admin Data

• Chrome OS Device Information: Management data for Chrome OS devices.

• Mobile Device Management Information: Tracks data from mobile device management (MDM) systems.

• Role Definition Information: Details roles and permissions within Google Workspace.

• Role Assignment Information: Tracks roles and responsibilities assigned to users.

• User Information: Provides detailed information about user accounts and profiles.

• Domain Management Information: Logs of domains defined under Google Workspace.