Microsoft Defender ATP

Microsoft Defender ATP (renamed Microsoft Defender for Endpoint) is an endpoint security platform that prevents, detects and responds to security threats within enterprise networks. In Logpoint, the Microsoft Defender ATP integration lets you fetch and analyze Microsoft Defender ATP logs. Logpoint aggregates and normalizes these logs so you can analyze the information through the LP_MicrosoftDefenderATP dashboard. The dashboard visualizes incident details such as threat types, attack categories, affected hosts and other event details detected in your network. You can customize the dashboard to suit your needs and perform in-depth analysis by adjusting the data and searches.

Supported Devices/Sources

  • Microsoft Defender ATP

  • Microsoft Defender for Endpoint API

Microsoft Defender ATP Components

  1. Fetcher
    • MicrosoftDefenderATPFetcher

  2. Compiled Normalizer
    • MicrosoftDefenderATPCompiledNormalizer

  3. Search Template
    • LP_Microsoft Defender for Endpoint
