Oct 24 2019 01:28 AM
How do i get reference the hunting schema outlined here?
Im unable to use any of the schema table in that article.
Thanks!
Oct 24 2019 03:50 AM
@sreeman I can see the tables listed in the article when I go to the Microsoft Defender ATP portal https://securitycenter.windows.com/
I don't see them in Azure Sentinel but not really expecting to.
Oct 24 2019 06:22 PM
Hi @Gary Bushey , thanks. I know they are part of Defender ATP's db schema, thats why i was wondering if its available on Sentinels DB Schema as well. After all, its just the schema table and not actions.
Oct 25 2019 04:56 AM
Have you enabled the Sentinel connector? https://docs.microsoft.com/en-us/azure/sentinel/connect-microsoft-defender-advanced-threat-protectio...