Forum Discussion
Defender ATP Connector in Logic Apps-Azure Sentinel
Hi, I see that there is a connector available for Defender ATP while creating a new playbook in Sentinel. However I am not sure how exactly does it work. I haven't come across any use cases for t...
Pranesh1060 That connector is a Logic App connector, not to be confused with the Azure Sentinel Data Connector, so it really does not have anything to do with Azure Sentinel. It will kick off the Logic App when a new alert in the Defender ATP, https://securitycenter.windows.com/dashboard, occurs.
Note that there is a Microsoft Defender ATP connector that is in preview which will raise the alerts in Azure Sentinel after they were created in MS Defender ATP.
For the rest of your question, you may want to ask it in the https://techcommunity.microsoft.com/t5/microsoft-defender-advanced/ct-p/MicrosoftDefenderAdvanced communities