MicrosoftDefenderATP
Microsoft Defender ATP enables you to fetch and analyze logs from Microsoft Defender for Endpoint (previously named Microsoft Defender ATP). Logpoint aggregates and normalizes Microsoft Defender for Endpoint logs so you can analyze the information through the LP_MicrosoftDefenderATP dashboard. The dashboard visualizes the incident details for threat types, attack categories, hosts and other event details detected in your network. You can customize the dashboard to perform in-depth analysis by adjusting the data and searches.
Package Details
Microsoft Defender ATP Components:
- Fetcher
  - MicrosoftDefenderATPFetcher
- Compiled Normalizer
  - MicrosoftDefenderATPCompiledNormalizer
- Log Source Template
  - MicrosoftDefenderATP
- Search Templates
  - LP_Microsoft Defender for Endpoint
- Fetcher
Description | Issue ID | Reference ID |
---|---|---|
You can now configure MicrosoftDefenderATP from Log Sources, which provides a centralized user interface for all the configurations of log collection. | PLUG-11799 | - |
Changes in Previous Versions
Changes in Microsoft Defender ATP v5.1.1
Release Date: May 04, 2023
Enhancements
Description | Issue ID | Reference ID |
---|---|---|
Added a new LP_Microsoft Defender for Endpoint search template. | KB-21342 | - |
Updated the query of ATP - Details and Threats Detected widgets in the LP_MicrosoftDefenderATP dashboard. | | |
Removed the following generic and redundant alert rules: | | |
Changes in Microsoft Defender ATP v5.1.0
Enhancements
Description | Issue ID | Reference ID |
---|---|---|
Microsoft Defender ATP now supports Microsoft Defender for Endpoint API | PLUG-8609 | 63280, 64539, 64578, 64672, 65030, 65143, 65567, 65610, 65922, 66265, 66481, 66658 |
The security components of Microsoft Defender ATP have been updated to support its latest upgrade. | KB-16846 | - |
Support
If you have any questions or require assistance, create a support ticket.