deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-20 12:53:38 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

update windows defender security center to microsoft defender security center

Browse Source
This commit is contained in:
Joey Caparas
2019-04-10 14:58:31 -07:00
parent 91bf200c2b
commit dbb77d063b
56 changed files with 121 additions and 121 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
windows/security/threat-protection/microsoft-defender-atp/pull-alerts-using-rest-api.md
View File

@ -45,7 +45,7 @@ The _Client credential flow_ uses client credentials to authenticate against the
Use the following method in the Microsoft Defender ATP API to pull alerts in JSON format.
>[!NOTE]
>Windows Defender Security Center merges similar alert detections into a single alert. This API pulls alert detections in its raw form based on the query parameters you set, enabling you to apply your own grouping and filtering.
>Microsoft Defender Security Center merges similar alert detections into a single alert. This API pulls alert detections in its raw form based on the query parameters you set, enabling you to apply your own grouping and filtering.
## Before you begin
- Before calling the Microsoft Defender ATP endpoint to pull alerts, you'll need to enable the SIEM integration application in Azure Active Directory (AAD). For more information, see [Enable SIEM integration in Microsoft Defender ATP](enable-siem-integration-windows-defender-advanced-threat-protection.md).
@ -111,7 +111,7 @@ string ago | string | Pulls alerts in the following time range: from `(current_t
int?limit | int | Defines the number of alerts to be retrieved. Most recent alerts will be retrieved based on the number defined.<br><br> **NOTE**: When not specified, all alerts available in the time range will be retrieved.
machinegroups | String | Specifies machine groups to pull alerts from. <br><br> **NOTE**: When not specified, alerts from all machine groups will be retrieved. <br><br> Example: <br><br> ```https://wdatp-alertexporter-eu.securitycenter.windows.com/api/Alerts/?machinegroups=UKMachines&machinegroups=FranceMachines```
DeviceCreatedMachineTags | string | Single machine tag from the registry.
CloudCreatedMachineTags | string | Machine tags that were created in Windows Defender Security Center.
CloudCreatedMachineTags | string | Machine tags that were created in Microsoft Defender Security Center.
### Request example
The following example demonstrates how to retrieve all the alerts in your organization.