Forum Widgets
Latest Discussions
MCAS logcollector docker image : 0 logs received
I followed that documentation : https://learn.microsoft.com/en-us/defender-cloud-apps/discovery-docker-ubuntu?tabs=ubuntu My Collector is displaying a connected status in the console : But as you can see, no data was received, and if I do a collector_status -P on my docker : I checked all possible logs files, nothing helped me So if someone can help about that.. Thank you !
Problem with MDCA Session Control and Google Workspace
We have implemented MDCA Session Control with Google Workspace in a Customer. Almost all Google apps work and they are protected by Session Control, but we have found problems with Gemini, Analytics and Google Search. These apps don´t open under session control and it seems some kind of problems with SSO. Do anyone knows any fix for the problem?Problem Automatic Log Upload - Defender for Cloud Apps
Hello Community, I have a strange problem with the activity in the Title. I have create Data Sources from Fortinet And a Log collector With the correct documentation that is linked https://learn.microsoft.com/en-us/defender-cloud-apps/discovery-docker-ubuntu-azure?tabs=centos So i have a Fortinet Firewall that send by SYSLOG log to the VM Ubuntu in Azure, i have deploy docker, Ubuntu receive log from firewall, i see traffic is correct. But from Cloud Apps connector remains into "Connected" state. Regards, Guido
Restricting access to non SSO apps
I have multiple non SSO apps that my users need to access. I am looking to permit access but limit what actions users can take when visiting these apps/sites such as: blocking file uploads, blocking data download, restricting logins, etc to limit shadow IT. Is there a way to do this within MDCA? Session control policies, activity policies and access policies require the apps be onboarded or SSO configured which is not feasible for the numerous apps in scope. If not MDCA, what other services have you used to accomplish this?Scope Profile - Device Group Creation - Help please
Hi Everyone, Hope all is well. I'm trying to make particular user group be excluded from a unsanctioned app. I saw you can create scoped profile which available under Setting - Apps - Scoped Profile. I'm following Microsoft documents here. https://docs.microsoft.com/en-us/defender-cloud-apps/governance-discovery On step 5 and step 6 it talks about selecting device group? how I create device group? I have bunch of azure ad device groups but nothing is coming up when search it which leads me to believe you need to import it. I tried importing through user groups but that does not seems to work. Please let me know if you know how to do this or another way to get this task completed. I'm trying to create Scope profile which is available
Session controlled Microsoft apps very slow response
Hello For the past 2 months we have been receiving complaints regarding D365 slowness off and on. D365 was included in my session controlled policy. I disabled the policy and the complaints have stopped. Is there part of the policy setup that was missed. I really need the benefits of MCAS without impacting the business. ThanksGeneral Risk Factor - Logon URL - Null
I'm trying to create a policy that maps "Logon URL" field in the app details and if its empty/blank, it approves/sanction the application. My only challenge is that I'm not able to set an identifier that reads blank field. I tried ASCII null character but it doesn't work. Wondering if this use case is even possible.
Native DLP Failed on Mar 4, 2020, 3:29:13 PM. Error details: Download error
Hi i am facing issue with applying Sensitivity label on SharePoint files using MCAS, first i am able to apply the label but after that MCAS unable to scan the file, also creating rule to remove the label failed with native DLP failed error. i have a support request opened for more than a month and there is no solution. regards
