Forum Discussion

Gonesy
Copper Contributor
Dec 09, 2020

Are there logs for Endpoint DLP?

Besides the report in the Activity Explorer (https://compliance.microsoft.com/dataclassification?viewid=activitiesexplorer), are there any other logs for Endpoint DLP? Such as in the Windows Defender portal, or logs in the Windows 10 Event Viewer?

2 Replies

  • bthomas
    Iron Contributor
    Have you found anything on the client in regard to logs for Endpoint DLP?
    • bthomas
      Iron Contributor

      I have found the following:

      • Download the MDATP Client Analyzer tool: https://docs.microsoft.com/en-us/microsoft-365/compliance/endpoint-dlp-configure-proxy?view=o365-worldwide#verify-client-connectivity-to-microsoft-cloud-service-urls
      • Once installed, run the command:
        MDATPClientAnalyzerPreview\MDATPClientAnalyzer.cmd -t

      If you're using Edge DLP settings, use the following in Edge to check if the settings for Endpoint DLP have been set:

      • edge://edge-dlp-internals/