hi experts
reaching out to inquire about ingesting Microsoft MDE (Microsoft Defender for Endpoint) data into Chronicle.
Is there any relevant documentation or guides that could assist me
Where can i find documentation for Microsoft MDE data into Chronicle
+1
+1
I would start here:
https://cloud.google.com/chronicle/docs/administration/feed-management
Defender for Enpoint is incldued in the default parsers:
https://cloud.google.com/chronicle/docs/ingestion/ingestion-entities
+1Also suggest .
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.