Sep 27 2020 01:35 AM
Hi community,
For some or other reason I've stopped seeing Security Alerts in Azure Defender. This is not typical for this environment.
I have Owner permissions on the subscription, and Standard pricing applied across the environment. I can see the devices in MDATP.
Any idea why no security alerts will be displayed in here, and any suggestions on how I can test to make sure things are all good?
TIA
Sep 28 2020 11:36 AM
@SebastiaanR Did you check pricing&settings? When you click your subscription, you see the settings:
In data collection you should have a workspace (I also have in continuous export a workspace configured)
You could test on a VM by opening up PowerShell, and typing "invoke-webrequest https://secure.eicar.org/eicar.com -OutFile bla.com" which tries to download a test-virus on your VM (harmless). You should see stuff happening in ASC
Oct 03 2020 03:33 AM