MCAS Logs Ingestion MDE vs Log Collector

New Contributor

Hi everyone,

we are currently evaluating MCAS and i am having a bit of a hard time figuring out which of the Logs Ingestion options makes sense.

According to the official documentation either integration with MDE (Defender for Endpoint) or the Log Collector can be used to continuously upload network logs.

https://docs.microsoft.com/en-us/cloud-app-security/set-up-cloud-discovery

DaryaB_0-1617346609408.png

 

So my question is - If we already have MDE in our organization, do we still need Log Collector data or would it just provide duplicate information?

Thanks in advance,

Darya

 

0 Replies
www.000webhost.com