Tornado Collectors

Microsoft Office 365 (O365)

Mail Data

  • Mail Collection: Collects users' emails, including sent, received, and stored messages, to analyze communication patterns and user preferences.

Entra Data

  • Entra Sign-In Logs: Detailed logs of user sign-in activities, including timestamps, IP addresses, device information, and authentication status, for monitoring and analyzing access behavior.

  • Entra Audit Logs: Records of administrative actions and configuration changes within the Microsoft Entra environment, providing insights into system modifications and security settings.


Google Workspace (GWS)

Mail Data

  • Mail Collection: This feature collects users' emails, including sent, received, and stored messages, to analyze communication patterns and preferences.

  • Email History Information: Provides detailed records of sent and received emails.

  • Label Usage Information: Tracks how users organize their emails using labels.

  • Email Settings Information: Captures email account settings, including signatures, filters, and auto-responders.

Drive Activities

  • Drive Usage Activities: This feature tracks activities on Google Drive, such as file sharing, editing, and viewing history.

Reports Data

  • Access Transparency Reports: Logs of access actions performed through Google's systems for transparency.

  • Admin Activity Reports: Records of admin actions and activities.

  • Calendar Usage Reports: Provides data on Google Calendar usage and event details.

  • Chat Messaging Data: Analyzes user interactions and messaging habits in Google Chat.

  • Browser Usage Reports: Tracks activity and usage data from the Chrome browser.

  • Context-Aware Access Reports: Reports on conditional access settings, such as device or location-based access.

  • Data Studio Reports: Visualizations and insights created using Google Data Studio.

  • Drive Storage Reports: General reports on storage usage and file-sharing activities in Google Drive.

  • Google Cloud Platform Usage Reports: Logs of usage and activity on Google Cloud Platform (GCP).

  • Google+ Usage History: Historical data for the discontinued Google+ service.

  • Group Usage Information: Data on usage and interactions in Google Groups.

  • Enterprise Group Usage Reports: Advanced insights into enterprise-level group usage.

  • Jamboard Activity Information: Tracks activities related to Jamboard devices and software.

  • Keep Notes Information: Analyzes note-taking and list management habits in Google Keep.

  • User Login Reports: Logs of user account login and logout activities.

  • Google Meet Meeting Reports: Participation and usage details for Google Meet meetings.

  • Mobile Usage Reports: Usage data for Google Workspace applications on mobile devices.

  • Policy and Rules Reports: Tracks policies and rules applied in Google Workspace.

  • SAML Authentication Reports: Logs of SAML-based authentication processes.

  • Token Usage Reports: Insights into OAuth tokens and their activities.

  • User Account Reports: General reports on user accounts.

  • Archive and Data Retention Reports: Insights into Google Vault usage for archiving and data retention.

Admin Data

  • Chrome OS Device Information: Management data for Chrome OS devices.

  • Mobile Device Management Information: Tracks data from mobile device management (MDM) systems.

  • Role Definition Information: Details roles and permissions within Google Workspace.

  • Role Assignment Information: Tracks roles and responsibilities assigned to users.

  • User Information: Provides detailed information about user accounts and profiles.

  • Domain Management Information: Logs of domains defined under Google Workspace.


Last updated

Was this helpful?