Overview
Cloud App Security monitoring is a key feature of Microsoft Defender for Cloud Apps. It enables organizations to monitor their cloud-based applications and services for potential security risks, such as unauthorized access, data leakage, and malware. With Cloud App Security monitoring, organizations can gain visibility into all of their cloud-based assets, including applications, services, and data. This enables them to identify and remediate potential security risks before they can cause any harm.
...
- Select SIEM Format "Generic CEF"
- Enter the remote syslog host "127.0.0.1" (used for internal forwarding)
- Enter the remote syslog port "514"
- Select the remote syslog protocol "UDP"
- Select the data type you want to export to your SIEM agent: "All activities"
- Copy the token, for example: "XEpMSkBBAVpcHQFfQF1bTkMBTENAWktOX19cSkxaXUZbVgFMQEJTGEwXTk4dTRYcHx1NSx5LHB1JGx8fGR5KHxkZG04YGh0WSk4YHBhLHRoaTktMShgfHB8eHhcfF0kfGB5LSUossjsjj=="
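
To check what actually arrives on the syslog host and port entered above, this added example (not part of the original guide or of Microsoft's tooling) parses Generic CEF syslog payloads in Python, including escaped `|` and `=` characters. The `parse_cef` and `listen` names and the sample line with its vendor and field values are constructed for illustration.

```python
import re
import socket

HEADER_FIELDS = ("version", "vendor", "product", "device_version",
                 "event_class_id", "name", "severity")
_FIELD = r"((?:[^\\|]|\\.)*)"   # one header field: stops at an unescaped "|"
_HEADER = re.compile("CEF:" + (_FIELD + r"\|") * 6 + _FIELD + r"(?:\|(.*))?$", re.S)
_KEY = re.compile(r"(?:^|\s)([\w.\-\[\]]+)=")   # extension key at start or after whitespace
_ESCAPE = re.compile(r"\\([\\|=nr])")           # backslash escapes defined by CEF


def _unescape(value):
    # Turn escaped pipe, equals sign and backslash back into the literal character,
    # and the two-character sequences for newline / carriage return into real ones.
    return _ESCAPE.sub(lambda m: {"n": "\n", "r": "\r"}.get(m.group(1), m.group(1)), value)


def parse_cef(message):
    """Return the CEF header fields and extension of one syslog payload, or None."""
    match = _HEADER.search(message)
    if match is None:
        return None   # not CEF, or the header is truncated (e.g. a cut-off datagram)
    event = {k: _unescape(v) for k, v in zip(HEADER_FIELDS, match.groups())}
    ext, extension = match.group(8) or "", {}
    keys = list(_KEY.finditer(ext))
    for i, key in enumerate(keys):
        # A value runs until the next key, so it may contain spaces.
        end = keys[i + 1].start() if i + 1 < len(keys) else len(ext)
        extension[key.group(1)] = _unescape(ext[key.end():end].strip())
    event["extension"] = extension
    return event


def listen(host="127.0.0.1", port=514, count=1):
    """Parse `count` UDP datagrams arriving on the host/port entered in the steps above."""
    # Port 514 normally needs elevated privileges and must not already be bound.
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.bind((host, port))
        return [parse_cef(sock.recvfrom(65535)[0].decode("utf-8", "replace"))
                for _ in range(count)]


# Constructed sample line (vendor, product and field values are placeholders).
SAMPLE = (r"<134>Jan  1 00:00:00 agent CEF:0|ExampleVendor|ExampleProduct|1.0|EVENT_X|"
          r"File shared \| external|3|suser=alice@example.com "
          r"msg=policy\=block, path C:\\tmp dvc=192.0.2.10")

if __name__ == "__main__":
    print(parse_cef(SAMPLE))
```

A `None` result from `parse_cef` on received traffic means the payload is not CEF or was cut off, which is worth checking before relying on the feed in the SIEM.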
...