deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-14 06:17:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Update windows/security/threat-protection/microsoft-defender-atp/enable-siem-integration.md

Browse Source 
Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com>
This commit is contained in:
jcaparas 2020-04-13 10:40:52 -07:00 committed by GitHub
parent cf7850c352
commit ece1ef42ee
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
windows/security/threat-protection/microsoft-defender-atp/enable-siem-integration.md
View File

@ -67,7 +67,7 @@ Enable security information and event management (SIEM) integration so you can p
> [!NOTE] > [!NOTE]
> You'll need to generate a new Refresh token every 90 days. > You'll need to generate a new Refresh token every 90 days.
6. Follow the instructions for [creating an Azure AD app registration for MDATP](https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-webapp) and assign the correct permissions to it to read alerts. 6. Follow the instructions for [creating an Azure AD app registration for Microsoft Defender ATP](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-webapp) and assign the correct permissions to it to read alerts.
You can now proceed with configuring your SIEM solution or connecting to the detections REST API through programmatic access. You'll need to use the tokens when configuring your SIEM solution to allow it to receive detections from Microsoft Defender Security Center. You can now proceed with configuring your SIEM solution or connecting to the detections REST API through programmatic access. You'll need to use the tokens when configuring your SIEM solution to allow it to receive detections from Microsoft Defender Security Center.