deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-13 05:47:23 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'refs/remotes/origin/atp-siem'

Browse Source
This commit is contained in:
Joey Caparas 2017-03-21 02:44:35 -07:00
commit e9d9bfdfdb
2 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
windows/keep-secure/TOC.md
View File

@ -769,7 +769,7 @@
######## [Submit files for analysis](respond-file-alerts-windows-defender-advanced-threat-protection.md#submit-files-for-analysis)
######## [View deep analysis reports](respond-file-alerts-windows-defender-advanced-threat-protection.md#view-deep-analysis-reports)
######## [Troubleshoot deep analysis](respond-file-alerts-windows-defender-advanced-threat-protection.md#troubleshoot-deep-analysis)
#### [Pull alerts using SIEM tools or REST API](configure-siem-windows-defender-advanced-threat-protection.md)
#### [Pull alerts to your SIEM tools](configure-siem-windows-defender-advanced-threat-protection.md)
##### [Enable SIEM integration in Windows Defender ATP](enable-siem-integration-windows-defender-advanced-threat-protection.md)
##### [Configure Splunk to pull Windows Defender ATP alerts](configure-splunk-windows-defender-advanced-threat-protection.md)
##### [Configure HP ArcSight to pull Windows Defender ATP alerts](configure-arcsight-windows-defender-advanced-threat-protection.md)

6
windows/keep-secure/configure-siem-windows-defender-advanced-threat-protection.md
View File

@ -1,6 +1,6 @@
---
title: Pull alerts by configuring SIEM tools or REST API to pull alerts from Windows Defender Advanced Threat Protection
description: Learn how to use REST API and configure supported security information and events management tools to receive and pull alerts using REST API.
title: Pull alerts to your SIEM tools from Windows Defender Advanced Threat Protection
description: Learn how to use REST API and configure supported security information and events management tools to receive and pull alerts.
keywords: configure siem, security information and events management tools, splunk, arcsight, custom indicators, rest api, alert definitions, indicators of compromise
search.product: eADQiWindows 10XVcnh
ms.prod: w10
@ -11,7 +11,7 @@ author: mjcaparas
localizationpriority: high
---
# Pull alerts using SIEM tools or use REST API
# Pull alerts to your SIEM tools
**Applies to:**