Hi folks,
I have integrated Microsoft System Center Endpoint Protection with RSA NW using the WinRM method. Now I am able to get the System, Application and Security logs of the SCCM server (SCEP is a built-in feature of the SCCM server). But now I am unable to get logs such as threat name, threat status, threat description, infected host machine, and the like.
Could you please help us with this?
Is Windows Defender supported by the winevent_nic log parser?
Does this answer your question?