I just had a popup from Windows Defender, it wanted confirmation for uploading a sample (some browser temp file). Elastic Agent+Defend is also running, the primary tool is still Windows Defender.
In my Elastic Dashboard I got no alerts from the host.
I know there's integrations for MS Defender for Endpoint, but I kind of would like to at least see something that the normal Defender had some suspicion.
Is there some integration I'm missing to see such events or is it a topic of tracking the event logs?