Advanced hunting does not return network protection logs
Hello,
I am able to find network protection logs in event viewer:
However, I can’t retrieve network protection logs using advanced hunting and KQL query:
https://help.redcanary.com/hc/en-us/articles/8265764276375-Turn-on-Microsoft-Network-Protection
DeviceNetworkEvents
|where ActionType in (‘ExploitGuardNetworkProtectionAudited’,’ExploitGuardNetworkProtectionBlocked’)
Am I missing something?
Thank you
Hello, I am able to find network protection logs in event viewer: However, I can’t retrieve network protection logs using advanced hunting and KQL query:https://help.redcanary.com/hc/en-us/articles/8265764276375-Turn-on-Microsoft-Network-Protection DeviceNetworkEvents|where ActionType in (‘ExploitGuardNetworkProtectionAudited’,’ExploitGuardNetworkProtectionBlocked’) Am I missing something? Thank you Read More