diff --git a/windows/keep-secure/configure-aad-windows-defender-advanced-threat-protection.md b/windows/keep-secure/configure-aad-windows-defender-advanced-threat-protection.md
index 65dcdf6805..72bedf6291 100644
--- a/windows/keep-secure/configure-aad-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/configure-aad-windows-defender-advanced-threat-protection.md
@@ -48,14 +48,21 @@ You need to add an application in your Azure Active Directory (AAD) tenant then
 
 12. Type the following URLs in the **Reply URL** field:
 
-  - `https://DataAccess-PRD.trafficmanager.net:444/api/FetchAccessTokenFromAuthCode`
+  - Depending on the location of your datacenter, select either the EU or the US URL:
+      - For EU: `https://wdatp-alertexporter-eu.securitycenter.windows.com/api/FetchAccessTokenFromAuthCode`
+      - For US:  `https://wdatp-alertexporter-us.securitycenter.windows.com/api/FetchAccessTokenFromAuthCode`
   - `https://localhost:44300/WDATPconnector`
 
 13. Click **Save** and copy the key in a safe place. You'll need this key to authenticate the client application on Azure Active Directory.
 
 14. Open a web browser and connect to the following URL: <br>
+  - For EU:
 ```text
-https://DataAccess-PRD.trafficmanager.net:444/api/FetchToken?clientId=f7c1acd8-0458-48a0-a662-dba6de049d1c&tenantId=<tenant ID>&clientSecret=1234
+https://wdatp-alertexporter-eu.securitycenter.windows.com/api/FetchToken?clientId=f7c1acd8-0458-48a0-a662-dba6de049d1c&tenantId=<tenant ID>&clientSecret=1234
+```
+  - For US:
+```text
+https://wdatp-alertexporter-us.securitycenter.windows.com/api/FetchToken?clientId=f7c1acd8-0458-48a0-a662-dba6de049d1c&tenantId=<tenant ID>&clientSecret=1234
 ```
 An Azure login page appears.
 > [!NOTE]
diff --git a/windows/keep-secure/configure-arcsight-windows-defender-advanced-threat-protection.md b/windows/keep-secure/configure-arcsight-windows-defender-advanced-threat-protection.md
index 614004d2dc..c4386cb504 100644
--- a/windows/keep-secure/configure-arcsight-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/configure-arcsight-windows-defender-advanced-threat-protection.md
@@ -69,7 +69,7 @@ The following steps assume that you have completed all the required steps in [Be
     <td>Type in the name of the client property file. It must match the client property file.</td>
     </tr>
     <td>Events URL</td>
-    <td>`https://DataAccess-PRD.trafficmanager.net:444/api/alerts`</td>
+    <td>For EU:  https://<i></i>wdatp-alertexporter-eu.securitycenter.windows.com/api/alerts </br></br> For US: https://<i></i>wdatp-alertexporter-us.securitycenter.windows.com/api/alerts</td>
     <tr>
     <td>Authentication Type</td>
     <td>OAuth 2</td>
diff --git a/windows/keep-secure/configure-splunk-windows-defender-advanced-threat-protection.md b/windows/keep-secure/configure-splunk-windows-defender-advanced-threat-protection.md
index 60e1c00469..6f03941882 100644
--- a/windows/keep-secure/configure-splunk-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/configure-splunk-windows-defender-advanced-threat-protection.md
@@ -56,7 +56,8 @@ You'll need to configure Splunk so that it can consume Windows Defender ATP aler
   </tr>
   <tr>
   <td>Endpoint URL</td>
-  <td> https://<i></i>DataAccess-PRD.trafficmanager.net:444/api/alerts</td>
+  <td>For EU:  https://<i></i>wdatp-alertexporter-eu.securitycenter.windows.com/api/alerts </br></br> For US: https://<i></i>wdatp-alertexporter-us.securitycenter.windows.com/api/alerts</td>
+
   </tr>
   <tr>
   <td>HTTP Method</td>