I have installed Microsoft Defender Endpoint integration to collect logs. The agent was installed properly and the other configuration. But If I go to Elastic Search -> Discover and try to create a new data view, I can't find the index "logs-microsoft-defender" or anything related to this.
What could be going wrong that it is not collecting any data?
The issue is similar to this: Data Stream not found in Data Views
HI,
and something like this: logs-microsoft_defender_endpoint?
that one was also not found. wondering what else should I check.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.