This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(198.4, 67%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECZ%3C/text%3E%3C/svg%3E)
Hi,
How can I see all the logs that my Azure Defender is creating?
Also, is there any possibility to visualize them in Azure Event Hubs?
Thank you!
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 81%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMT%3C/text%3E%3C/svg%3E)
Yes. You can view these logs in Azure Sentinel, Azure Event Hubs, Event Viewer, and Log Analytics.
You can enable Azure Defender for your Event Hubs resources and then forward any logs from Event Hubs to your Azure Sentinel.
Follow this guide to set up streaming to a dedicated Azure Event Hub.
See also:
Connect Azure Defender alerts from Azure Security Center:
Configure Microsoft Defender ATP Logs in the Eventhub
How to collect all Microsoft Defender ATP events
Let me know if this helps!
@Marilee Turscak-MSFT thanks for the reply!
I understand that this is the only solution to see all the security logs that Azure Defender is sending to my VMs?
Do you know, by chance, what kind of logs will Azure Defender send to my VMs?
Hi,
any update on my second question?
Thanks!