Windows Defender Alerts in Security Center?

  • Question

  • Hi,

    Is it possible to see Virus detection Alerts by the Windows-Defender client in the Security-Center?

    The respective VM is connected and sending logs (as I can see from various external malicious alerts that appear in the Security Center), but when I trigger the local Windows-Defender on the VM I see nothing.

    Thank you.




    • Edited by CloudMe Friday, August 9, 2019 12:57 PM
    Friday, August 9, 2019 12:55 PM

All replies

  • Hi,

    You need to enable the integration between Windows Defender ATP and Security Center:

    https://docs.microsoft.com/en-us/azure/security-center/security-center-wdatp


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. My blog: http://cloudskillz.wordpress.com/

    • Marked as answer by CloudMe Wednesday, August 14, 2019 8:53 PM
    • Unmarked as answer by CloudMe Thursday, August 15, 2019 4:52 AM
    Friday, August 9, 2019 6:25 PM
  • Hi,

    You need to enable the integration between Windows Defender ATP and Security Center


    Thanks for the info.

    I do not have a license for Windows Defender ATP.

    Does this mean that I can't see the events from my VM's Windows-Defender client in the Security-Center?

    Saturday, August 10, 2019 4:13 PM
  • Hi,

    For normal Windows Defender endpoint the scenarios that generate the following two recommendations for Endpoint protection solutions by Azure Security Center.

    • Install endpoint protection solutions on your virtual machine
    • Resolve endpoint protection health issues on your machines

    https://docs.microsoft.com/en-us/azure/security-center/security-center-endpoint-protection

    For the full list of platforms and features supported by Azure Security Center:

    https://docs.microsoft.com/en-us/azure/security-center/security-center-os-coverage




    • Edited by Mohamed.Salah Thursday, August 15, 2019 5:32 AM
    • Marked as answer by CloudMe Thursday, August 15, 2019 7:31 AM
    Thursday, August 15, 2019 5:30 AM
  • The integration of ASC with Microsoft Defender ATP is only for Servers. For a list of supported OS for ASC, read the article below:

    https://docs.microsoft.com/en-us/azure/security-center/security-center-os-coverage

    In summary, the above scenario (Defender ATP on Client sending alert to ASC) is not supported.


    Yuri Diogenes [MSFT] - http://blogs.technet.com/yuridiogenes

    Wednesday, August 28, 2019 7:06 PM
    Moderator