deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-15 02:13:43 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Add additional step for AAD app registration

Browse Source 
Added step to point users to create their Azure AD application and assign required permission.
This commit is contained in:
JesseEsquivel
2020-04-10 15:40:44 -04:00
committed by GitHub
parent 46e6fd2794
commit 9f9c5332f7
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
windows/security/threat-protection/microsoft-defender-atp/enable-siem-integration.md
View File

@ -67,6 +67,9 @@ Enable security information and event management (SIEM) integration so you can p
> [!NOTE]
> You'll need to generate a new Refresh token every 90 days.
6. Follow the instructions for creating an Azure AD app registration and assigning the correct permissions to it to read alerts.
https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-webapp
You can now proceed with configuring your SIEM solution or connecting to the detections REST API through programmatic access. You'll need to use the tokens when configuring your SIEM solution to allow it to receive detections from Microsoft Defender Security Center.
## Integrate Microsoft Defender ATP with IBM QRadar