deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-24 14:53:44 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge branch 'master' into lsaldanha-4620497-batch14

Browse Source
This commit is contained in:
Lovina Saldanha
2021-01-05 16:36:35 +05:30
committed by GitHub
parent 9768adbcd0 ae567ed641
commit 8478b5059b
309 changed files with 24212 additions and 2492 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
windows/security/threat-protection/microsoft-defender-atp/pull-alerts-using-rest-api.md
View File

@ -28,6 +28,7 @@ ms.topic: article
>Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-pullalerts-abovefoldlink)
>[!Note]
>- [Microsoft Defender for Endpoint Alert](alerts.md) is composed from one or more detections.
>- [Microsoft Defender for Endpoint Detection](api-portal-mapping.md) is composed from the suspicious event occurred on the Device and its related Alert details.
@ -202,7 +203,7 @@ Here is an example return value:
The following code examples demonstrate how to obtain an access token for calling the Microsoft Defender for Endpoint SIEM API.
```csharp
AuthenticationContext context = new AuthenticationContext(string.Format("https://login.windows.net/{0}", tenantId));
AuthenticationContext context = new AuthenticationContext(string.Format("https://login.microsoftonline.com/{0}", tenantId));
ClientCredential clientCredentials = new ClientCredential(clientId, clientSecret);
AuthenticationResult authenticationResult = context.AcquireTokenAsync(detectionsResource, clientCredentials).GetAwaiter().GetResult();
```
@ -217,7 +218,7 @@ $appId = '' ### Paste your Application ID here
$appSecret = '' ### Paste your Application secret here
$resourceAppIdUri = 'https://graph.windows.net'
$oAuthUri = "https://login.windows.net/$tenantId/oauth2/token"
$oAuthUri = "https://login.microsoftonline.com/$tenantId/oauth2/token"
$authBody = [Ordered] @{
resource = "$resourceAppIdUri"
client_id = "$appId"
@ -236,7 +237,7 @@ tenantId='' ### Paste your tenant ID here
appId='' ### Paste your Application ID here
appSecret='' ### Paste your Application secret here
resourceAppIdUri='https://graph.windows.net'
oAuthUri="https://login.windows.net/$tenantId/oauth2/token"
oAuthUri="https://login.microsoftonline.com/$tenantId/oauth2/token"
scriptDir=$(pwd)
apiResponse=$(curl -s X POST "$oAuthUri" -d "resource=$resourceAppIdUri&client_id=$appId&client_secret=$appSecret&\