Help
Cybersecurity Forum

This forum is for all security enthusiasts to discuss Fortinet's latest & evolving technologies and to connect & network with peers in the cybersecurity hemisphere. Share and learn on a broad range of topics like best practices, use cases, integrations and more. For support specific questions/resources, please visit the Support Forum or the Knowledge Base.

isuru
New Contributor II

Created on ‎04-02-2020 01:05 AM

FortiSIEM - Windows Defender Logs

Hi,

I would like to know whether there is a parser for Windows Defender Operational/WHC Logs

Cheers,
Isuru
Cheers,
Isuru Malawige
Cheers,Isuru Malawige
Preview file
18 KB
Labels:
509
0 Kudos
4 REPLIES 4
HugoPinto
Contributor

Created on ‎04-02-2020 07:14 AM

Hi Isuru,

Just for Windows Defender ATP.

Cheers
479
0 Kudos
isuru
New Contributor II
In response to HugoPinto

Created on ‎04-07-2020 09:36 PM

Hi Hugo,

Sorry for the late response. Not the ATP Logs (I saw there is a parser for that). I was looking for a parser related to the Endpoint Logs from Windows Defender.

Cheers,
Isuru
Cheers,
Isuru Malawige
Cheers,Isuru Malawige
479
0 Kudos
HugoPinto
Contributor
In response to isuru

Created on ‎06-25-2020 03:20 PM

Hi Isuru,

One question about this, are you collecting the Windows Defender Log via WUA Agent?

Cheers,
Hugo Pinto
479
0 Kudos
isuru
New Contributor II
In response to HugoPinto

Created on ‎06-25-2020 08:59 PM

Hi Hugo,

Yes. I was asking about the windows defender logs.

UploadedImages_HhobK4tZT2OYPQ4rIPtn_temp.png


Cheers,
Isuru
Cheers,
Isuru Malawige
Cheers,Isuru Malawige
479
0 Kudos
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.