Is it safe to disable the 'Microsoft Defender for Endpoint' connector in Sentinel

Occasional Contributor

We recently noticed that the 'Microsoft Defender for Endpoint' connector is no longer sending logs to Sentinel instances for the clients we manage. 
These now seem to be forwarded through the 'Microsoft 365 Defender (Preview)' connector.
However, I am seeing Sentinel instances where the 'Microsoft 365 Defender (Preview)' connector has not been enabled still receiving MDE logs.

I was wondering if it is safe to enable the 'Microsoft 365 Defender (Preview)' connector and disable the 'Microsoft Defender for Endpoint' connector or if that would affect the log forwarding ? 

 

Regards,

Princely Dmello 

0 Replies
www.000webhost.com