Microsoft Defender for Cloud Data
App Installation
| App | Search Head | Indexer | Heavy Forwarder | UF / Deployment Server | Additional Details |
|---|---|---|---|---|---|
| Microsoft Graph Security API Add-On for Splunk | Required | - | Required | - | Installation Guide |
Important inputs to be configured
- Microsoft Graph Security
Note: Create an index named microsoft_defender_for_cloud, or update the cs_microsoft_defender_for_cloud macro definition from the Cyences app configuration page (Cyences Settings > Cyences App Configuration > Products Setup).
Estimated Data Size
Microsoft Defender for Cloud data is not large in terms of license and storage usage, because it collects alert data from Microsoft Defender for Cloud. The volume does, however, depend on the number of hosts connected to Microsoft Defender for Cloud.
- Licensing: less than 100MB (daily)