Review Defender Scan Results – Linux
Hi Team,
Please advise how to review Defender full scan results on a Linux endpoint and any detections identified. As per Microsoft, it should show up in the MS 365 Defender > Alerts section; however, I have found nothing there.
I have tried to browse through the directory on the endpoint, /var/opt/microsoft/mdatp/log/; however, it doesn’t exist. Do I have to enable logging to review scan results?
Can these results be shipped to Sentinel so that we have logging enabled?