Forum Discussion
Not all web traffic showing in Defender for Cloud Apps
We are starting to use Defender for Cloud Apps using Defender for Endpoint for log upload. We are not seeing all user traffic in Defender for Cloud Apps - for example if I go to etsy.com - my PC is not being added to the list of people who went to Etsy.com.
Any thoughts on where I can look for what is going wrong?
- Same here. I can navigate to Defender for Endpoint (the source of data in my case) and see the events of edge process sending requests to 3rd party domains and IPs, but that information is not updated in MDCA, although MDE is enabled as documented here: https://docs.microsoft.com/en-us/defender-cloud-apps/mde-integration
Is there any delay after logs from MDE are processed and presented in MDCA? - Check that you are looking at the Defender Endpoints view in the upper right of the cloud app discovery view. With Defender for Endpoint you will see only the device names, not the user names.
- HI I'm seeing the same thing.
I can see all the edge traffic for sites such as YouTube in the DfE device timeline, but this device / user traffic is not being associated with the YouTube app in Defender for Cloud Apps.
Any update on this would be great.- Keith_Fleming
Microsoft
Jamie_Wheeldon I would recommend opening a ticket so it can be investigated.
- Getting the same issue on a customers instance, however works fine in my lab.
