Microsoft Defender Advanced Hunting Add-on for Splunk

Splunk Community
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Microsoft Defender Advanced Hunting Add-on for Splunk

Microsoft Defender Advanced Hunting Add-on for Splunk
This add-on provides field extractions and CIM compatibility for the Endpoint datamodel for Microsoft Defender Advanced Hunting data. The data is similar in content to Sysmon data and can be used by Detection Searches in i.e. Splunk Enterprise Security Content Update. Future versions may include support for Microsoft Defender for Office 365, Microsoft Defender for Identity and other products in the Microsoft 365 suite. Please see the Details tab for more info.
Ask a Question View in Splunkbase
0 topics and 0 replies mentioned Microsoft Defender Advanced Hunting Add-on for Splunk in
Latest Topics
No posts to display.
Latest Replies
No posts to display.
Top Topics
No posts to display.
My Topics
No posts to display.