May 25 2020 - last edited on Apr 08 2022
Hi all, I'm trying to figure out how to get antimalware monitoring from Log Analytics. In the "olden days" I know you could implement a solution, but since Solutions appear to be going away in favor of workbooks, I have no idea in which table to find the logs of the antimalware extension.
Is there any info on this and is it even possible without installing the solution?
Jul 02 2020 02:30 AM
You can definitely still install the AntiMalware solution, and then query the ProtectionStatus table.
a. Go to your workspace and click the "View solutions" link:
b. Click "Add", which will open the marketplace
c. Search for the Anti Malware solution:
d. In your workspace's Logs area, run this query (or similar):
ProtectionStatus | where TimeGenerated > ago(1d)