Forum Discussion
Defender365 Alerts for high volume file deletion
Hussayn We do have defender and compliance intergration.
Our case has been passed on to a back end team but i've not heard anything in a few days. Once I do, i'll post the outcome.
Cheers
Jamie
Thanks for sharing, the only reason I was asking is I guess this is how the compliance tool and therefore the alerting rule knows about files being 'deleted' within the users' local profiles - the Defender telemetry, plus its only something I enabled in our environment around the the time (9th Sept). I suspect you and others have had this intergration running for some time.
I too was told by the first support rep after they spoke with their TL, this is how it is, just set a limit on the email notification to reduce the notification, but I pushed back and its been reassigned to someone else.
Thanks
- Ed_CarmodyOct 09, 2022Copper ContributorWe enabled the Intune profile Intune data collection policy / Device Configuration Profiles - Windows health monitoring and set Health monitoring Enable / Scope Endpoint analytics. It looks like this is triggering the same behavior with Inet and Windows search cache being deleted.
- Paragon06Oct 10, 2022Copper Contributor
Thanks for this, this makes sense now as I enabled the intune data collection policy a few weeks back.
Kind Regards
Jamie