"DeviceTvmSoftwareVulnerabilities" Log Mirroring from Microsoft 365 Defender to Microsoft Sentinel

%3CLINGO-SUB%20id%3D%22lingo-sub-3362448%22%20slang%3D%22en-US%22%3E%22DeviceTvmSoftwareVulnerabilities%22%20Log%20Mirroring%20from%20Microsoft%20365%20Defender%20to%20Microsoft%20Sentinel%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3362448%22%20slang%3D%22en-US%22%3E%3CP%3EHello%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWe%20are%20trying%20to%20get%20the%20logs%20of%20%3CU%3EThreat%20and%20Vulnerability%20management%3C%2FU%3E%20section%20Tables%20(Like%3A%3C%2FP%3E%3CDIV%3E%3CDIV%3E%3CSPAN%3E%22%3CFONT%20color%3D%22%232574A9%22%3EDeviceTvmSoftwareVulnerabilities%3C%2FFONT%3E%22%3C%2FSPAN%3E%3CSPAN%3E)%20that%20is%20exist%20in%20%3CSTRONG%3EMicrosoft%20365%20Defender%3C%2FSTRONG%3E%20and%20display%20it%20in%20Log%20section%20in%20%3CSTRONG%3EMicrosoft%20sentinel.%3C%2FSTRONG%3E%3C%2FSPAN%3E%3C%2FDIV%3E%3C%2FDIV%3E%3CP%3EIs%20there%20a%20way%20to%20do%20that%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThank%20you%2C%3C%2FP%3E%3CDIV%20class%3D%22%22%3E%3CDIV%20class%3D%22%22%3E%26nbsp%3B%3C%2FDIV%3E%3C%2FDIV%3E%3CDIV%20class%3D%22%22%3E%3CDIV%3E%3CDIV%3E%26nbsp%3B%3C%2FDIV%3E%3CDIV%20class%3D%22%22%3E%3CDIV%20class%3D%22%22%3E%26nbsp%3B%3C%2FDIV%3E%3C%2FDIV%3E%3C%2FDIV%3E%3C%2FDIV%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-3362448%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3ELog%20Data%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ESIEM%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3363345%22%20slang%3D%22en-US%22%3ERe%3A%20%22DeviceTvmSoftwareVulnerabilities%22%20Log%20Mirroring%20from%20Microsoft%20365%20Defender%20to%20Micros%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3363345%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1387887%22%20target%3D%22_blank%22%3E%40Qusai_Ismail%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3EHello%20Quasai%2C%3C%2FP%3E%3CP%3EHere%20you%20can%20find%20the%20list%20of%20tables%20you%20can%20send%20from%20Defender%20to%20Sentinel%3A%26nbsp%3B%3CA%20title%3D%22Connect%20data%20from%20Microsoft%20365%20Defender%20to%20Microsoft%20Sentinel%22%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Fsentinel%2Fconnect-microsoft-365-defender%3Ftabs%3DMDE%23%3A~%3Atext%3DIf%2520you%2520want%2520to%2520collect%2520advanced%2520hunting%2520events%2520from%2520Microsoft%2520Defender%2520for%2520Endpoint%2520or%2520Microsoft%2520Defender%2520for%2520Office%2520365%252C%2520the%2520following%2520types%2520of%2520events%2520can%2520be%2520collected%2520from%2520their%2520corresponding%2520advanced%2520hunting%2520tables.%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3EConnect%20data%20from%20Microsoft%20365%20Defender%20to%20Microsoft%20Sentinel.%3C%2FA%3E%3C%2FP%3E%3CP%3ECurrently%2C%20there%20is%20no%20table%20called%20%22DeviceTvmSoftwareVulnerabilities%22.%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3364736%22%20slang%3D%22en-US%22%3ERe%3A%20%22DeviceTvmSoftwareVulnerabilities%22%20Log%20Mirroring%20from%20Microsoft%20365%20Defender%20to%20Micros%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3364736%22%20slang%3D%22en-US%22%3EIf%20you%20believe%20data%20columns%20or%20tables%20are%20missing%2C%20please%20participate%20in%20the%20following%20survey%3A%20%3CA%20href%3D%22https%3A%2F%2Fcda.ms%2F4gy%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fcda.ms%2F4gy%3C%2FA%3E%3C%2FLINGO-BODY%3E
Occasional Contributor

Hello,

 

We are trying to get the logs of Threat and Vulnerability management section Tables (Like:

"DeviceTvmSoftwareVulnerabilities") that is exist in Microsoft 365 Defender and display it in Log section in Microsoft sentinel.

Is there a way to do that?

 

Thank you,

 
 
 

 

2 Replies

@Qusai_Ismail 

Hello Quasai,

Here you can find the list of tables you can send from Defender to Sentinel: Connect data from Microsoft 365 Defender to Microsoft Sentinel.

Currently, there is no table called "DeviceTvmSoftwareVulnerabilities". 

If you believe data columns or tables are missing, please participate in the following survey: https://cda.ms/4gy
We support Ukraine and condemn war. Push Russian government to act against war. Be brave, vocal and show your support to Ukraine. Follow the latest news HERE