Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Collections
Apps
Submit an app
Microsoft Defender Advanced Hunting Add-on for Splunk app icon

Microsoft Defender Advanced Hunting Add-on for Splunk

This add-on provides field extractions and CIM compatibility for the Endpoint datamodel for Microsoft Defender Advanced Hunting data. The data is similar in content to Sysmon data and can be used by Detection Searches in i.e. Splunk Enterprise Security Content Update.

Built by
splunk product badge
Latest Version 1.4.1
August 27, 2024
Compatibility
Not Available
Platform Version: 10.0, 9.4, 9.3, 9.2, 9.1, 9.0, 8.2
CIM Version: 6.x, 5.x, 4.x
Rating

0

(0)

Log in to rate this app
Support
Microsoft Defender Advanced Hunting Add-on for Splunk support icon
Not Supported
Ranking

#2

in Endpoint
This add-on provides field extractions and CIM compatibility for the Endpoint datamodel for Microsoft Defender Advanced Hunting data. The data is similar in content to Sysmon data and can be used by Detection Searches in i.e. Splunk Enterprise Security Content Update. Future versions may include support for Microsoft Defender for Office 365, Microsoft Defender for Identity and other products in the Microsoft 365 suite. Please see the Details tab for more info.

Categories

Created By

Splunk Works

Contributors

Mikael Bjerkeland

Type

addon

Downloads

33,799

Licensing

Splunk Answers

Resources

Log in to report this app listing