Forum Discussion
Microsoft Defender for Identity Alerts Fetched from Graph API (Entity Information is on Description)
So, we have been fetching the Defender for Identity and all other defender alerts using the Security graph API and sending it to our SIEM platform. Since the result is json, it is easy to parse and...
Did you find a solution for this? I am also looking for a way to ingest MDI logs to SIEM however not sure which approach to follow. Do you have any idea on this. Aashishadhh
