Jan 20 2021 01:42 PM
Trying to ascertain where the configuration in Azure ATP is stored that changes in exclusions can be logged for alerting and or review?
Jan 20 2021 02:18 PM
@Brogie
Currently it is audited in the backend and not customer visible directly.
In case of need , open a support case with the specific data you are interested in from the audit logs,
And the data will be pulled for you from the backend.
I am aware that this is planned to be changed at some point and this data is planned to be customer visible, but can't tell you when and how exactly...
Jan 20 2021 08:07 PM
@EliOfek Thanks, is there a capability to export the config to JSON similar to ATA which then I could do compares of the configs at different points in time?
Jan 21 2021 07:35 AM
@Brogie Officially no, But unofficially , F12 dev tools might work for what you want, although far from optimal.
Jun 29 2022 01:17 AM
Hi @EliOfek,
It's quite old issue with auditing but is it already available for customers?
Jun 29 2022 08:03 AM