SIEM

FortiSIEM - Windows Defender Logs

  • 1.  FortiSIEM - Windows Defender Logs

    Posted Apr 02, 2020 01:05 AM
    Hi,

    I would like to know whether there is a parser for Windows Defender Operational/WHC Logs.

    Cheers,
    Isuru


  • 2.  RE: FortiSIEM - Windows Defender Logs

    Posted Apr 02, 2020 07:14 AM
    Hi Isuru,

    Just for Windows Defender ATP.

    Cheers


  • 3.  RE: FortiSIEM - Windows Defender Logs

    Posted Apr 07, 2020 09:36 PM
    Hi Hugo,

    Sorry for the late response. Not the ATP Logs (I saw there is a parser for that). I was looking for a parser related to the Endpoint Logs from Windows Defender.

    Cheers,
    Isuru


  • 4.  RE: FortiSIEM - Windows Defender Logs

    Posted Jun 25, 2020 03:20 PM
    Hi Isuru,

    One question about this: are you collecting the Windows Defender Log via WUA Agent?

    Cheers,
    Hugo Pinto


  • 5.  RE: FortiSIEM - Windows Defender Logs

    Posted Jun 25, 2020 08:59 PM
    Hi Hugo,

    Yes. I was asking about the Windows Defender logs.



    Cheers,
    Isuru