Tracking a file using its Hash Value
Hi, I want to track files based on the SHA256 generated hash value. And while I am aware of the n number of tables in Log Analytics, it there any other way to accomplish this?
For example if I want to track a file going out to an external email address, I want to be notified. I thought of transport rules but those don’t seem to be useful for this use case. However I did find some records through Advanced Hunting, but it tracks only files identified as spam/phish/malware etc.
Is there any way to track ALL files without Defender for Endpoint Solutions?
Thanks in advance!
Hi, I want to track files based on the SHA256 generated hash value. And while I am aware of the n number of tables in Log Analytics, it there any other way to accomplish this?For example if I want to track a file going out to an external email address, I want to be notified. I thought of transport rules but those don’t seem to be useful for this use case. However I did find some records through Advanced Hunting, but it tracks only files identified as spam/phish/malware etc.Is there any way to track ALL files without Defender for Endpoint Solutions? Thanks in advance! Read More