May 20 2019 12:24 PM
I just found this article https://docs.microsoft.com/en-us/azure-advanced-threat-protection/cef-format-sa which explains the format to integrate Azure ATP with SIEMs, but I can't find any article explaining HOW to actually do that integration. Any help will be appreciated.
May 20 2019 02:20 PM
@nbriones Did you get to read this: https://docs.microsoft.com/en-us/azure-advanced-threat-protection/setting-syslog ?