Unfortunately its not so much that the issue is resolved. It is more that I decided to table use of the built-in Office365 plugin (that comes with Enterprise) and went with the plugin you initially referenced (ddbnl’s Office365 Audit Log Collector).
If you are asking how I came to resolving the fact that I could not make sense of the input, I found /u/ddbnl’s article on how to - among other things - manage extractors for the aforementioned plugin: Collecting Office365 & AzureAD audit logs using Office Audit Collector - the NEW Marketplace - Graylog Community
Irrespective, thank you!