Forum Discussion

PrashTechTalk's avatar
PrashTechTalk
Brass Contributor
Mar 31, 2020

Microsoft Defender ATP Azure Sentinel Connector omits lot of important Alert information

Hi 

 

It is sad to see Microsoft defender ATP Connector at Azure Sentinel does not get all the required alert information as compared to Graph API.   

 

Details like User information, IP Information, Threat Category & Threat Family are omitted.   

 

Building any custom playbook to get these data is additionally charged although ingestion of Microsoft data is free.   Connector needs improvement.

 

Thanks

 

Resources