Forum Discussion
SIEM / Defender for Identity integration
Hello Everyone, I am working on the possibility of integrating SIEM and Defender for Identity alerts. I know that there is a possibility to send the alerts from the Defedender cloud to SIEM Splunk, ...
EliOfekthank you for your answer.
i'm not using standalone sensor one, i was just wondering if it's possible to do the integration from the SIEM to Defender for Identity.
I wanted to know also if there is any other possible configurations of Splunk to get all the alerts of defender for identity beside this one https://docs.microsoft.com/en-in/defender-for-identity/setting-syslog
can anyone have an idea about that ?
Thanks
