Forum Discussion
Defender for Cloud - MSSP Usability
Hi,
Currently looking at the complete XDR remit from the view point of an MSSP. For the various portal access we are using connected organisations.
When we come to Defender for Cloud, how do we as an MSSP with no direct access to a customer's tenant (using lighthouse for Sentinel access) manage that for them?
Regards,
Tim
- You might be able to use Log Analytics data export, to push the data round.
https://docs.microsoft.com/en-us/azure/azure-monitor/logs/logs-data-export?tabs=portal
Or manually change the workspace ID and keys to match Log Analytics workspaces that you own across all subscriptions, but Lighthouse is definitely the supported way.
