[ { "name": "microsoft_defender_endpoint", "title": "Microsoft Defender for Endpoint", "version": "4.6.0", "release": "ga", "description": "Collect logs from Microsoft Defender for Endpoint with Elastic Agent.", "type": "integration", "download": "/epr/microsoft_defender_endpoint/microsoft_defender_endpoint-4.6.0.zip", "path": "/package/microsoft_defender_endpoint/4.6.0", "icons": [ { "src": "/img/logo.svg", "path": "/package/microsoft_defender_endpoint/4.6.0/img/logo.svg", "title": "Microsoft Defender for Endpoint logo", "size": "32x32", "type": "image/svg+xml" } ], "policy_templates": [ { "name": "microsoft_defender_endpoint", "title": "Microsoft Defender for Endpoint", "description": "Collect logs from Microsoft Defender for Endpoint", "deployment_modes": { "default": { "enabled": true }, "agentless": { "enabled": true } } } ], "conditions": { "kibana": { "version": "^8.19.3 || ^9.1.2" } }, "owner": { "type": "elastic", "github": "elastic/security-service-integrations" }, "categories": [ "security", "edr_xdr", "siem", "vulnerability_workflow", "cloudsecurity_cdr" ], "signature_path": "/epr/microsoft_defender_endpoint/microsoft_defender_endpoint-4.6.0.zip.sig", "data_streams": [ { "type": "logs", "dataset": "microsoft_defender_endpoint.log", "title": "Microsoft Defender for Endpoint logs" }, { "type": "logs", "dataset": "microsoft_defender_endpoint.machine", "title": "Collect Microsoft Defender for Endpoint machine logs from API" }, { "type": "logs", "dataset": "microsoft_defender_endpoint.machine_action", "title": "Collect Microsoft Defender for Endpoint machine action logs from API" }, { "type": "logs", "dataset": "microsoft_defender_endpoint.vulnerability", "title": "Collect Microsoft Defender for Endpoint vulnerability and affected machine logs from API" } ] } ]