Manage system-generated logs
Applies to: Advanced Threat Analytics version 1.9
Note
This article provides steps for how to delete personal data from the device or service and can be used to support your obligations under the GDPR. If you’re looking for general info about GDPR, see the GDPR section of the Service Trust portal.
Note
Advanced Threat Analytics (ATA) collects anonymized system-generated log data about ATA and transmits the data over an HTTPS connection to Microsoft servers. This data is used by Microsoft to help improve future versions of ATA.
Data collected
Collected anonymized data includes the following parameters:
Performance counters from both the ATA Center and the ATA Gateway
Product ID from licensed copies of ATA
Deployment date of the ATA Center
Number of deployed ATA Gateways
The following anonymized Active Directory information:
Domain ID for the domain whose name would be the first domain when sorted alphabetically
Number of domain controllers
Number of domain controllers monitored by ATA via port mirroring
Number of Sites
Number of Computers
Number of Groups
Number of Users
Suspicious Activities – The following anonymized data is collected for each suspicious activity:
(Computer names, user names, and IP addresses are not collected)
Suspicious activity type
Suspicious activity ID
Status
Start and End Time
Input provided
Health issues – The following anonymized data is collected for each health issue:
(Computer names, user names, and IP addresses are not collected)
Health issue type
Health issue ID
Status
Start and End Time
ATA Console URL addresses - URL addresses when using the ATA Console, that is, which pages in the ATA Console are visited.
Disable data collection
Perform the following steps to stop collecting and sending telemetry data to Microsoft:
Log in to the ATA Console, click the three dots in the toolbar and select About.
Uncheck the box for Send us usage information to help improve your customer experience in the future.