Forum Discussion
PrashTechTalk
Mar 31, 2020Brass Contributor
Microsoft Defender ATP Azure Sentinel Connector omits lot of important Alert information
Hi
It is sad to see Microsoft defender ATP Connector at Azure Sentinel does not get all the required alert information as compared to Graph API.
Details like User information, IP Information, Threat Category & Threat Family are omitted.
Building any custom playbook to get these data is additionally charged although ingestion of Microsoft data is free. Connector needs improvement.
Thanks
- Sarah_YoungMicrosoft
PrashTechTalk thank you for your feedback. The best place to put requests for new or improved features is in our user voice forums, where it will be reviewed by engineering - https://feedback.azure.com/forums/920458-azure-sentinel.
Thanks!
Sarah