Threat categories: shows the types of threat or attack activity that triggered alerts, indicating possible focus areas for your security operations.

Detection sources: shows information about the sensors and detection technologies that provide the data used by Microsoft Defender for Endpoint to trigger alerts.

The report is made up of cards that display the following alert attributes:

The filter applied on the trends section is not applied on the summary section.

For example, if today's date is November 5, 2019, the data on the summary section will reflect numbers starting from to November 5, 2019.

Optionally choose to Encrypt the event source if choosing TCP by downloading the Rapid7 Certificate.

The data reflected in the summary section is scoped to 180 days prior to the current date.

Select syslog and specify a port and a protocol.

Configure your default domain or add a new domain.

Optionally choose to send unfiltered logs.

Choose the timezone that matches the location of your event source logs.

If you want, you can also name your event source.

Choose your collector and event source.

From the “Security Data” section, click the Virus Scan icon.

When the Data Collection page appears, click the Setup Event Source dropdown and choose Add Event Source.

From your dashboard, select Data Collection on the left navigation menu.