Microsoft

Microsoft Endpoint Configuration Manager Feedback

Suggestion box powered by UserVoice

How can we improve Configuration Manager?

← Ideas

Windows Defender Advanced Threat Protection - Collect/Surface Log Data

https://docs.microsoft.com/en-us/windows/threat-protection/windows-defender-atp/event-error-codes-windows-defender-advanced-threat-protection

The ConfigMgr client should collect event log troubleshooting data for Win Defender ATP. The data should be surfaced in the dashboard and be available for creating dynamic collections queries (so you can act on it). A security tool that doesn't clearly show you where it is/isn't working is very problematic.

13 votes
Vote
Sign in
(thinking…)
Sign in with: Facebook Google
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close
You have left! (?) (thinking…)
Nash Pherson (MVP) shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

1 comment

Sign in
(thinking…)
Sign in with: Facebook Google
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Matt Schultz [BCBSNE] commented  ·   ·  Flag as inappropriate

    Expanding on this, ConfigMgr should collect all the Windows Defender events for components it can manage, regardless of whether the customer has ATP. Stepping up to ATP is a significant expense for many customers. Upselling to ATP should be for the benefit of the machine learning enhancements it brings, not manageability of the built-in Windows features.

Ideas: Endpoint Protection

Categories

Feedback and Knowledge Base

(thinking…)