Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
This query checks for network connection failures to Microsoft Defender for Endpoint URLs. The output includes any device with 1+ connectivity failures, a list of the domains they failed to connect to (including the number of failures), as well as the overall number of failures in the time period. Results are sorted by the total number of connection failures by the device.
| Attribute | Value |
|---|---|
| Type | Hunting Query |
| Solution | GitHub Only |
| ID | d2097370-9cfb-4f52-ab1b-8cb07a033d44 |
| Tactics | Misconfiguration |
| Required Connectors | MicrosoftThreatProtection |
| Source | [View on GitHub](https://github.com/Azure/Azure-Sentinel/blob/master/Hunting Queries/Microsoft%20365%20Defender/Troubleshooting/Connectivity%20Failures%20by%20Device.yaml) |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊