Microsoft Defender XDR connector for Microsoft Sentinel
Microsoft Defender XDR is a unified, natively integrated, pre- and post-breach enterprise defense suite that protects endpoint, identity, email, and applications and helps you detect, prevent, investigate, and automatically respond to sophisticated threats.
Microsoft Defender XDR suite includes:
- Microsoft Defender for Endpoint
- Microsoft Defender for Identity
- Microsoft Defender for Office 365
- Threat & Vulnerability Management
- Microsoft Defender for Cloud Apps
For more information, see the Microsoft Sentinel documentation.
This is autogenerated content. For changes, contact the solution provider.
Connector attributes
| Connector attribute | Description |
|---|---|
| Log Analytics table(s) | SecurityIncident SecurityAlert DeviceEvents DeviceFileEvents DeviceImageLoadEvents DeviceInfo DeviceLogonEvents DeviceNetworkEvents DeviceNetworkInfo DeviceProcessEvents DeviceRegistryEvents DeviceFileCertificateInfo EmailEvents EmailUrlInfo EmailAttachmentInfo EmailPostDeliveryEvents UrlClickEvents IdentityLogonEvents IdentityQueryEvents IdentityDirectoryEvents CloudAppEvents AlertEvidence |
| Data collection rules support | Not currently supported |
| Supported by | Microsoft Corporation |
Next steps
For more information, go to the related solution in the Azure Marketplace.