Getting Data In

ms:defender:vulnerability API input add


Is it possible for the next version of the add-on to add MS defender vulnerabilty API calls to this add-on? Currently there is only "Microsoft defender for incident" and "Microsoft defender endpoint alert".  We need another one add for "Microsoft Defender for Vulnerabilities" ---- Here's the API's below ---

Permissions needed
Collected data API call Permission needed

Machine info GET Machine.Read.All
Full export of vulnerabilities GET Vulnerability.Read.All
Delta export of vulnerabilities GET Vulnerability.Read.All
Description of vulnerabilities POST AdvancedHunting.Read.All 

Labels (2)
0 Karma


Since that is a Splunk-supported add-on, you can request enhancements at

If this reply helps you, Karma would be appreciated.
Get Updates on the Splunk Community!

Optimize Cloud Monitoring

  TECH TALKS Optimize Cloud Monitoring Tuesday, August 13, 2024  |  11:00AM–12:00PM PST   Register to ...

What's New in Splunk Cloud Platform 9.2.2403?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.2.2403! Analysts can ...

Stay Connected: Your Guide to July and August Tech Talks, Office Hours, and Webinars!

Dive into our sizzling summer lineup for July and August Community Office Hours and Tech Talks. Scroll down to ...