Forum Discussion
Solved
Log Collection without Defender for endpoint
Hello,
I have a question, if i need to ingest the logs of an endpoint device without onboard the machine to Defender, i have 2 options, Log Analytics Agent & MMA agent, but it's not get the logs in the form as Defender get, like the following tables (DeviceEvents, DeviceProccess,,,etc),
how i can get these tables logs without onboarding the device to Defender??
Thanks.
- Those Tables are reserved for Defender, so you have to bring the data into other ones via the AMA or MMA.
1 Reply
- Those Tables are reserved for Defender, so you have to bring the data into other ones via the AMA or MMA.