Microsoft Defender for Cloud DSM specifications
When you configure Microsoft Defender® for Cloud, understanding the specifications for the Microsoft Defender for Cloud DSM can help ensure a successful integration. For example, knowing what event format is supported for Microsoft Defender for Cloud before you begin can help reduce frustration during the configuration process.
The following table describes the specifications for the Microsoft Defender for Cloud DSM.
| Specification | Value |
|---|---|
| Manufacturer | Microsoft |
| DSM name | Microsoft Defender for Cloud |
| RPM file name | DSM-MicrosoftAzureSecurityCenter-QRadar_version-build_number.noarch.rpm |
| Protocol | Microsoft Graph Security API Microsoft Azure Event Hubs |
| Event format | JSON |
| Recorded event types | Security alert |
| Automatically discovered? | No |
| Includes identity? | No |
| Includes custom properties? | No |
| More information | Security alerts - a reference guide (https://docs.microsoft.com/en-us/azure/security-center/alerts-reference) |