Forum Discussion
MDATP - how to? is it possible to:
Hi All, Asking some potentially dumb questions & looking for guidance if these actions are possible: Monitor for any changes in the Event Log settings - i.e. change of size, retention, file, et...
Is there anything in particular that you want to monitor on the event logs?
All activities of an on boarded machine can be found on the timelines section on the MDATP portal for that particular machine
https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/investigate-machines#timeline