diff --git a/DataConnectors/O365 Data/O365APItoAS-Template.zip b/DataConnectors/O365 Data/O365APItoAS-Template.zip
index 1f2844daf6b..a6cfacd13d5 100644
Binary files a/DataConnectors/O365 Data/O365APItoAS-Template.zip and b/DataConnectors/O365 Data/O365APItoAS-Template.zip differ
diff --git a/DataConnectors/O365 Data/O365APItoAS-Template/TimerTrigger/run.ps1 b/DataConnectors/O365 Data/O365APItoAS-Template/TimerTrigger/run.ps1
index 744592f9e15..ea02a010837 100644
--- a/DataConnectors/O365 Data/O365APItoAS-Template/TimerTrigger/run.ps1
+++ b/DataConnectors/O365 Data/O365APItoAS-Template/TimerTrigger/run.ps1
@@ -14,7 +14,7 @@ function Write-OMSLogfile {
 Given a value pair hash table, this function will write the data to an OMS Log Analytics workspace. Certain variables, such as Customer ID and Shared Key are specific to the OMS workspace data is being written to. This function will not write to multiple OMS workspaces. Build-signature and post-analytics function from Microsoft documentation
- at https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-data-collector-api
+ at https://docs.microsoft.com/azure/log-analytics/log-analytics-data-collector-api
 .PARAMETER DateTime
 date and time for the log. DateTime value
 .PARAMETER Type
@@ -104,14 +104,23 @@ function Write-OMSLogfile {
 -method $method `
 -contentType $ContentType `
 -resource $resource
- $uri = "https://" + $customerId + ".ods.opinsights.azure.com" + $resource + "?api-version=2016-04-01"
+
+ # Compatible with previous version
+ if ([string]::IsNullOrEmpty($LAURI)){
+ $LAURI = "https://" + $CustomerId + ".ods.opinsights.azure.com" + $resource + "?api-version=2016-04-01"
+ }
+ else
+ {
+ $LAURI = $LAURI + $resource + "?api-version=2016-04-01"
+ }
+
 $headers = @{
 "Authorization" = $signature;
 "Log-Type" = $type;
 "x-ms-date" = $rfc1123date
 "time-generated-field" = $dateTime
 }
- $response = Invoke-WebRequest -Uri $uri -Method $method -ContentType $ContentType -Headers $headers -Body $body -UseBasicParsing
+ $response = Invoke-WebRequest -Uri $LAURI -Method $method -ContentType $ContentType -Headers $headers -Body $body -UseBasicParsing
 Write-Verbose -message ('Post Function Return Code ' + $response.statuscode)
 return $response.statuscode
 }
@@ -150,9 +159,9 @@ function Get-AuthToken{
 [string]$TenantGUID
 )
 # Create app of type Web app / API in Azure AD, generate a Client Secret, and update the client id and client secret here
- $loginURL = "https://login.microsoftonline.com/"
+ $loginURL = "$env:loginEndpoint"
 # Get the tenant GUID from Properties | Directory ID under the Azure Active Directory section
- $resource = "https://manage.office.com"
+ $resource = "https://$env:managementApi"
 # auth
 $body = @{grant_type="client_credentials";resource=$resource;client_id=$ClientID;client_secret=$ClientSecret}
 $oauth = Invoke-RestMethod -Method Post -Uri $loginURL/$tenantdomain/oauth2/token?api-version=1.0 -Body $body
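Review bot: Write-OMSLogfile now depends on a `$LAURI` that is neither a parameter nor defined in the function; it is picked up from the script scope (the `$LAURI = $env:LAURI` assignment further down the file), so the function's target endpoint silently depends on which caller happened to set that variable. Since the function's param block starts outside this hunk, add a `[string]$LAURI` parameter there and pass `-LAURI $LAURI` at the call site, which also makes the validated value the only way in. The assignment inside the `if` creates a function-local copy, so the fallback does not leak back to the script, which is fine, but `$LAURI + $resource` assumes the configured value has no trailing slash; `$LAURI.TrimEnd('/') + $resource + "?api-version=2016-04-01"` tolerates a hand-edited app setting.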
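Review bot: `$loginURL = "$env:loginEndpoint"` and `$resource = "https://$env:managementApi"` have no fallback when those app settings are missing, unlike the `# Compatible with previous version` branch the previous hunk adds for `$LAURI`; a function app deployed from the older template that picks up this package (the package URL in the template is a redirect link, so that seems possible) would then request a token from an empty login URL for the audience `https://`. Apply the same pattern, e.g. `$loginURL = if ([string]::IsNullOrEmpty($env:loginEndpoint)) { "https://login.microsoftonline.com/" } else { $env:loginEndpoint }` and the equivalent with `manage.office.com` for `$resource`. The `$listAvailableContentUri` line in the next hunk (Get-O365Data) interpolates `$env:managementApi` the same way and needs the same fallback. Get-AuthToken's body continues past this hunk.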
@@ -176,7 +185,7 @@ function Get-O365Data{
 $contentTypes = $env:contentTypes.split(",")
 #Loop for each content Type like Audit.General
 foreach($contentType in $contentTypes){
- $listAvailableContentUri = "https://manage.office.com/api/v1.0/$tenantGUID/activity/feed/subscriptions/content?contentType=$contentType&PublisherIdentifier=$env:publisher&startTime=$startTime&endTime=$endTime"
+ $listAvailableContentUri = "https://$env:managementApi/api/v1.0/$tenantGUID/activity/feed/subscriptions/content?contentType=$contentType&PublisherIdentifier=$env:publisher&startTime=$startTime&endTime=$endTime"
 do {
 #List Available Content
 $contentResult = Invoke-RestMethod -Method GET -Headers $headerParams -Uri $listAvailableContentUri
@@ -232,6 +241,16 @@ if ($Timer.IsPastDue) {
 Write-Host "PowerShell timer is running late!"
 }
+$LAURI = $env:LAURI
+if (-Not [string]::IsNullOrEmpty($LAURI)){
+ if($LAURI.Trim() -notmatch 'https:\/\/([\w\-]+)\.ods\.opinsights\.azure.([a-zA-Z\.]+)$')
+ {
+ Write-Error -Message "MCASActivity-SecurityEvents: Invalid Log Analytics Uri." -ErrorAction Stop
+ Exit
+ }
+}
+
+
 #add last run time to blob file to ensure no missed packages
 $endTime = $currentUTCtime | Get-Date -Format yyyy-MM-ddTHH:mm:ss
 $azstoragestring = $Env:WEBSITE_CONTENTAZUREFILECONNECTIONSTRING
diff --git a/DataConnectors/O365 Data/azuredeploy.json b/DataConnectors/O365 Data/azuredeploy.json
index caf1a107fe7..29a54dd027e 100644
--- a/DataConnectors/O365 Data/azuredeploy.json
+++ b/DataConnectors/O365 Data/azuredeploy.json
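Review bot: The pattern in the `if($LAURI.Trim() -notmatch ...)` check of the second hunk is not anchored at the start and leaves the dot before the TLD unescaped, so any value that merely ends in `.ods.opinsights.azure<any char><letters>` passes, which undercuts the point of the check, namely that the HMAC-signed ingestion request is only ever sent to a Log Analytics host; use `if($LAURI.Trim() -notmatch '^https://[\w\-]+\.ods\.opinsights\.azure\.[a-zA-Z\.]+$')`. The trimmed string is what gets validated but the untrimmed `$LAURI` is what Write-OMSLogfile later concatenates with `$resource`; assign `$LAURI = $LAURI.Trim()` before the check so the validated value is the one used. The error text names a different connector and the `Exit` after it is unreachable because `-ErrorAction Stop` already terminates the script: `Write-Error -Message "O365Data: Invalid Log Analytics Uri." -ErrorAction Stop` on its own is enough.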
@@ -37,12 +37,19 @@
 "workspaceKey": {
 "type": "string",
 "defaultValue": ""
+ },
+ "office365Environment": {
+ "type": "string",
+ "defaultValue": "manage.office.com",
+ "allowedValues": ["manage.office.com", "manage-gcc.office.com", "manage.office365.us", "manage.protection.apps.mil"]
 }
 },
 "variables": {
 "Name": "O365Data",
 "FunctionName": "[concat(variables('Name'), 'fn', uniqueString(resourceGroup().id, subscription().id))]",
 "StorageAccountName": "[tolower(concat(variables('Name'), 'sa', uniqueString(resourceGroup().id, subscription().id)))]",
+ "StorageSuffix": "[environment().suffixes.storage]",
+ "LogAnaltyicsUri": "[replace(environment().portal, 'https://portal', concat('https://', toLower(parameters('WorkspaceId')), '.ods.opinsights'))]",
 "KeyVaultName": "[concat(variables('Name'), 'kv', uniqueString(resourceGroup().id, subscription().id))]"
 },
 "resources": [
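Review bot: The new variable is spelled `LogAnaltyicsUri` here and in the app-settings hunk that reads it, which deploys correctly only because both sides carry the same typo; rename both to `LogAnalyticsUri` before someone fixes one side. In the same expression `parameters('WorkspaceId')` uses a different casing from the `workspaceID` name used elsewhere in the template; ARM resolves parameter names case-insensitively, so it works, but the spellings should match. The derivation also relies on `environment().portal` beginning with `https://portal`; where it does not, `replace` is a no-op and the portal URL itself is handed to the function app as `LAURI`, which run.ps1 rejects only at runtime, so this assumption is worth stating in the README or in a `metadata.description` on the `office365Environment` parameter, since the variables section has no comment mechanism.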
@@ -231,8 +238,8 @@
 "FUNCTIONS_WORKER_RUNTIME": "powershell",
 "APPINSIGHTS_INSTRUMENTATIONKEY": "[reference(resourceId('Microsoft.insights/components', variables('FunctionName')), '2015-05-01').InstrumentationKey]",
 "APPLICATIONINSIGHTS_CONNECTION_STRING": "[reference(resourceId('microsoft.insights/components', variables('FunctionName')), '2015-05-01').ConnectionString]",
- "AzureWebJobsStorage": "[concat('DefaultEndpointsProtocol=https;AccountName=', variables('StorageAccountName'),';AccountKey=',listKeys(resourceId('Microsoft.Storage/storageAccounts', toLower(variables('StorageAccountName'))), '2019-06-01').keys[0].value, ';EndpointSuffix=core.windows.net')]",
- "WEBSITE_CONTENTAZUREFILECONNECTIONSTRING": "[concat('DefaultEndpointsProtocol=https;AccountName=', variables('StorageAccountName'),';AccountKey=', listKeys(resourceId('Microsoft.Storage/storageAccounts', toLower(variables('StorageAccountName'))), '2019-06-01').keys[0].value, ';EndpointSuffix=core.windows.net')]",
+ "AzureWebJobsStorage": "[concat('DefaultEndpointsProtocol=https;AccountName=', variables('StorageAccountName'),';AccountKey=',listKeys(resourceId('Microsoft.Storage/storageAccounts', toLower(variables('StorageAccountName'))), '2019-06-01').keys[0].value, ';EndpointSuffix=',toLower(variables('StorageSuffix')))]",
+ "WEBSITE_CONTENTAZUREFILECONNECTIONSTRING": "[concat('DefaultEndpointsProtocol=https;AccountName=', variables('StorageAccountName'),';AccountKey=', listKeys(resourceId('Microsoft.Storage/storageAccounts', toLower(variables('StorageAccountName'))), '2019-06-01').keys[0].value, ';EndpointSuffix=',toLower(variables('StorageSuffix')))]",
 "WEBSITE_CONTENTSHARE": "[variables('StorageAccountName')]",
 "clientID": "[parameters('clientID')]",
 "clientSecret": "[concat('@Microsoft.KeyVault(SecretUri=', reference(resourceId('Microsoft.KeyVault/vaults/secrets', variables('KeyVaultName'), 'clientSecret')).SecretUriWithVersion, ')')]",
@@ -245,7 +252,10 @@
 "workspaceID": "[parameters('workspaceID')]",
 "workspaceKey": "[concat('@Microsoft.KeyVault(SecretUri=', reference(resourceId('Microsoft.KeyVault/vaults/secrets', variables('KeyVaultName'), 'workspaceKey')).SecretUriWithVersion, ')')]",
 "WEBSITE_RUN_FROM_PACKAGE": "https://aka.ms/sentinel-O365APItoAS-functionapp",
- "customLogName": "O365"
+ "LAURI": "[variables('LogAnaltyicsUri')]",
+ "customLogName": "O365",
+ "managementApi": "[parameters('office365Environment')]",
+ "loginEndpoint": "[environment().authentication.loginEndpoint]"
 }
 }
 ]
diff --git a/DataConnectors/O365 Data/azuredeploy.parameters.json b/DataConnectors/O365 Data/azuredeploy.parameters.json
index f187eaa8600..22b4f3c2cf1 100644
--- a/DataConnectors/O365 Data/azuredeploy.parameters.json
+++ b/DataConnectors/O365 Data/azuredeploy.parameters.json
@@ -2,9 +2,6 @@
 "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
 "contentVersion": "1.0.0.0",
 "parameters": {
- "FunctionName": {
- "value": "O365Data"
- },
 "clientID": {
 "value": ""
 },