From 23bd8806149737c08185b5075f48aa5d790594d1 Mon Sep 17 00:00:00 2001 From: Ben Alfasi Date: Wed, 26 Jun 2019 10:54:26 +0300 Subject: [PATCH] 1 --- .../microsoft-defender-atp/raw-data-export.md | 43 +++++++++++++++++++ 1 file changed, 43 insertions(+) create mode 100644 windows/security/threat-protection/microsoft-defender-atp/raw-data-export.md diff --git a/windows/security/threat-protection/microsoft-defender-atp/raw-data-export.md b/windows/security/threat-protection/microsoft-defender-atp/raw-data-export.md new file mode 100644 index 0000000000..cfb25c8268 --- /dev/null +++ b/windows/security/threat-protection/microsoft-defender-atp/raw-data-export.md 
@@ -0,0 +1,43 @@ +--- +title: Stream Microsoft Defender Advanced Threat Protection events. +description: Learn how to configure Microsoft Defender ATP to stream Advanced Hunting events to your Event Hub or Azure storage account. +keywords: raw data export, streaming API, API, Event hub, Azure storage, storage account, Advanced Hunting, raw data sharing +search.product: eADQiWindows 10XVcnh +search.appverid: met150 +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: security +ms.author: macapara +author: mjcaparas +ms.localizationpriority: medium +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: article +--- + +# Raw Data Streaming API + +**Applies to:** + +- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) + +>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-configuresiem-abovefoldlink) + +## Stream Advanced Hunting events to your event hub and/or Azure storage account. + +Microsoft Defender ATP supports streaming all the events available through [Advanced Hunting](overview-hunting) to an [Event hub](https://docs.microsoft.com/en-us/azure/event-hubs/) and/or [Azure storage account](https://docs.microsoft.com/en-us/azure/event-hubs/). + +## In this section + +Topic | Description +:---|:--- +[Stream MDATP events to your event hub](enable-siem-integration.md)| Learn about enabling the streaming API in your tenant and configure MDATP to stream [Advanced Hunting](overview-hunting) to your event hub. +[Stream MDATP events to your Azure storage account](configure-splunk.md)| Learn about enabling the streaming API in your tenant and configure MDATP to stream [Advanced Hunting](overview-hunting) to your Azure storage account. 
+ + +## Related topics +- [Overview of Advanced Hunting](overview-hunting) +- [Azure Event Hub documentation](https://docs.microsoft.com/en-us/azure/event-hubs/) +- [Azure Storage Account documentation](https://docs.microsoft.com/en-us/azure/storage/common/storage-account-overview)
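Review bot: Several link targets in the new raw-data-export.md do not match their link text. In the intro paragraph, `[Azure storage account]` points at `https://docs.microsoft.com/en-us/azure/event-hubs/`, the same URL as the Event hub link. The Related topics list already uses `https://docs.microsoft.com/en-us/azure/storage/common/storage-account-overview`, and the intro should use that too. In the "In this section" table, the two rows link to `enable-siem-integration.md` and `configure-splunk.md`, which look carried over from the SIEM integration page and do not correspond to the event hub and Azure storage account topics the rows describe; point them at the pages for those two topics. Smaller points: `(overview-hunting)` has no `.md` extension while the other relative links do, the trial link's `ocid` still reads `docs-wdatp-configuresiem-abovefoldlink`, the front-matter `title` and the H2 heading both end in a period, and the commit subject `1` should say what the change adds.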