diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md b/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md index 96a1dc2cc7..6e08192fa6 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md @@ -134,7 +134,7 @@ You can find the Azure IP range on [Microsoft Azure Datacenter IP Ranges](https: Verify the proxy configuration completed successfully, that WinHTTP can discover and communicate through the proxy server in your environment, and that the proxy server allows traffic to the Microsoft Defender ATP service URLs. -1. Download the [connectivity verification tool](https://go.microsoft.com/fwlink/p/?linkid=823683) to the PC where Microsoft Defender ATP sensor is running on. +1. Download the [connectivity verification tool](https://aka.ms/mdatpanalyzer) to the PC where Microsoft Defender ATP sensor is running on. 2. Extract the contents of WDATPConnectivityAnalyzer on the machine. diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-splunk.md b/windows/security/threat-protection/microsoft-defender-atp/configure-splunk.md index 30b66351ac..13cf662e66 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-splunk.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-splunk.md @@ -15,7 +15,6 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.date: 10/16/2017 --- # Configure Splunk to pull Microsoft Defender ATP alerts @@ -33,7 +32,7 @@ You'll need to configure Splunk so that it can pull Microsoft Defender ATP alert ## Before you begin -- Install the [REST API Modular Input app](https://splunkbase.splunk.com/app/1546/) in Splunk. +- Install the open source [Windows Defender ATP Modular Inputs TA](https://splunkbase.splunk.com/app/4128/) in Splunk. - Make sure you have enabled the **SIEM integration** feature from the **Settings** menu. For more information, see [Enable SIEM integration in Microsoft Defender ATP](enable-siem-integration.md) - Have the details file you saved from enabling the **SIEM integration** feature ready. You'll need to get the following values: @@ -52,7 +51,7 @@ You'll need to configure Splunk so that it can pull Microsoft Defender ATP alert 3. Click **REST** under **Local inputs**. NOTE: - This input will only appear after you install the [REST API Modular Input app](https://splunkbase.splunk.com/app/1546/). + This input will only appear after you install the [Windows Defender ATP Modular Inputs TA](https://splunkbase.splunk.com/app/4128/). 4. Click **New**.