Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Microsoft 365 Defender
This app integrates with Microsoft 365 Defender to execute various generic and investigative actions
Built by Splunk LLC
Compatibility
Not Available
Platform Version: 6.4, 6.3
Rating
0
(0)
Log in to rate this app
Ranking
#26
in Endpoint
This app integrates with Microsoft 365 Defender to execute various generic and investigative actions
Supported Actions
- test connectivity: Validate the asset configuration for connectivity using supplied configuration
- on poll: Callback action for the on_poll ingest functionality
- run query: An advanced search query
- list incidents: List all the incidents
- list alerts: List all the alerts
- get incident: Retrieve specific incident by its ID
- update incident: Update the properties of an incident object
- get alert: Retrieve specific alert by its ID
- update alert: Update properties of existing alert
Categories
Created By
Splunk LLC
Source Code
Type
connector
Downloads
9,781
Licensing
Splunk Answers
Resources
Login to report this app listing