Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice - Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more

How can we improve Configuration Manager?

← Ideas

Windows Defender Advanced Threat Protection - Collect/Surface Log Data

https://docs.microsoft.com/en-us/windows/threat-protection/windows-defender-atp/event-error-codes-windows-defender-advanced-threat-protection

The ConfigMgr client should collect event log troubleshooting data for Win Defender ATP. The data should be surfaced in the dashboard and be available for creating dynamic collections queries (so you can act on it). A security tool that doesn't clearly show you where it is/isn't working is very problematic.

16 votes
Vote

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
You have left! (?) (thinking…)
Nash Pherson (MVP) shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

1 comment

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Matt Schultz [BCBSNE] commented  ·   ·  Flag as inappropriate

    Expanding on this, ConfigMgr should collect all the Windows Defender events for components it can manage, regardless of whether the customer has ATP. Stepping up to ATP is a significant expense for many customers. Upselling to ATP should be for the benefit of the machine learning enhancements it brings, not manageability of the built-in Windows features.

Ideas: Endpoint Protection

Categories

Feedback and Knowledge Base

(thinking…)