deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-07 18:17:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

formatting fixes

Browse Source 
indented the new sub-list
swapped curly quotation marks for straight quotation marks
This commit is contained in:
Tami Fosmark 2019-09-20 10:27:26 -07:00 committed by GitHub
parent 5d400b01d8
commit 9e1cf51cb3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
windows/security/threat-protection/microsoft-defender-atp/configure-splunk.md
View File

@ -40,10 +40,10 @@ You'll need to configure Splunk so that it can pull Microsoft Defender ATP detec
- Make sure you have enabled the **SIEM integration** feature from the **Settings** menu. For more information, see [Enable SIEM integration in Microsoft Defender ATP](enable-siem-integration.md)
- Have the details file you saved from enabling the **SIEM integration** feature ready. You'll need to get the following values:
- Tenant ID
- Client ID
- Client Secret
- Resource URL
- Tenant ID
- Client ID
- Client Secret
- Resource URL
## Configure Splunk
@ -109,7 +109,7 @@ Use the solution explorer to view detections in Splunk.
3. Enter the following details:
- Search: Enter a query, for example:</br>
`sourcetype=”wdatp:alerts” |spath|table*`
`sourcetype="wdatp:alerts" |spath|table*`
- App: Add-on for Windows Defender (TA_Windows-defender)
Other values are optional and can be left with the default values.