Forum Discussion
Humza_Bukhari
Sep 22, 2023Copper Contributor
SecurityAlert (MDATP) showing disable and we are not receiving logs In sentinel from M365 Defender
We have tried every possible way but still we are unable to receive any logs after connecting the data connector in sentinel for microsoft defender 365 . SecurityAlert (MDATP) is showing disable . s...
Humza_Bukhari
Sep 22, 2023Copper Contributor
we are using microsoft 365 defender , we ahave also tried microsoft defender for endpoint but both in vain and not receiving any logs
Sep 22, 2023
Humza_Bukhari did you check the connector settings as below and if you have the right permissions in the workspace?
- Humza_BukhariSep 22, 2023Copper Contributor
- Sep 22, 2023
have your tried to trigger an alert from MDE and see if the signal will be turned out to green ? also have you activate the analytic rule related to MDE to ingest the logs to sentinel ?
- Humza_BukhariSep 22, 2023Copper Contributor
elieelkarkafi yes as you can see i have already created this but unfortunately didnt get any logs . i have tried every possible way but all in vain
- Humza_BukhariSep 22, 2023Copper Contributoryes i have already check the connector setting but as i said earlier its is showing disable and greyed out .