I'm looking for an app that pulls all Windows Defender logs from Azure to Splunk

ftonen
Explorer

I have found two apps, this one and this one, but the first one only pulls security alerts and for the other one you need to deploy the app to the servers. Thing is, we also need the clients' info and they don't have forwarders installed.

Is there an app that pulls all Windows Defender logs from Azure?

0 Karma

ftonen
Explorer

Whoops, I forgot to link the apps: https://splunkbase.splunk.com/app/4128/ (only security alerts) and https://splunkbase.splunk.com/app/3734/#/details (not on workstation clients).

0 Karma