Forum Discussion
How to onboard an Azure VM manually to Microsoft Defender for Cloud ?
Hi, I know that when turn on the MDC to the subscription, all the new resouces belong to the subscription would be onboarded automatically. But is there any manually way to onboard it ? The ...
Hi Yang,
If you want to onboard the desktop OS VM to MDFC I believe you will need to install the Azure Monitor Agent, and then using Data Collection Rule, you can point it to the Log Analytics Workspace where you have enabled the MDFC instance.
1. Onboard using AMA and point to correct workspace.
2. I believe you would use DCR to point it to the correct sub/workspace.
3. Good question, I suspect it would come under Servers, but haven't found anything to confirm that yet.
See more info below.
Log analytics and manual agent provisioning: https://learn.microsoft.com/en-us/azure/defender-for-cloud/working-with-log-analytics-agent#manual-agent
MDFS supported operating systems: https://learn.microsoft.com/en-us/azure/defender-for-cloud/support-matrix-defender-for-cloud#supported-operating-systems
Azure Monitor Agent for client devices: https://learn.microsoft.com/en-us/azure/azure-monitor/agents/azure-monitor-agent-windows-client
Please note that onboarding to MDE via MDFC for Windows 11 is not supported (unless multi-session): https://learn.microsoft.com/en-us/azure/defender-for-cloud/integration-defender-for-endpoint
If you want to onboard the desktop OS VM to MDFC I believe you will need to install the Azure Monitor Agent, and then using Data Collection Rule, you can point it to the Log Analytics Workspace where you have enabled the MDFC instance.
1. Onboard using AMA and point to correct workspace.
2. I believe you would use DCR to point it to the correct sub/workspace.
3. Good question, I suspect it would come under Servers, but haven't found anything to confirm that yet.
See more info below.
Log analytics and manual agent provisioning: https://learn.microsoft.com/en-us/azure/defender-for-cloud/working-with-log-analytics-agent#manual-agent
MDFS supported operating systems: https://learn.microsoft.com/en-us/azure/defender-for-cloud/support-matrix-defender-for-cloud#supported-operating-systems
Azure Monitor Agent for client devices: https://learn.microsoft.com/en-us/azure/azure-monitor/agents/azure-monitor-agent-windows-client
Please note that onboarding to MDE via MDFC for Windows 11 is not supported (unless multi-session): https://learn.microsoft.com/en-us/azure/defender-for-cloud/integration-defender-for-endpoint