You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: unified-secops-platform/mto-advanced-hunting.md
+7-7Lines changed: 7 additions & 7 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,6 +1,6 @@
1
1
---
2
-
title: Advanced hunting in Microsoft Defender multi-tenant management
3
-
description: Learn about advanced hunting in Microsoft Defender multi-tenant management
2
+
title: Advanced hunting in Microsoft Defender multitenant management
3
+
description: Learn about advanced hunting in Microsoft Defender multitenant management
4
4
search.appverid: met150
5
5
ms.service: unified-secops-platform
6
6
ms.author: deniseb
@@ -20,15 +20,15 @@ appliesto:
20
20
- Microsoft Sentinel in the Microsoft Defender portal
21
21
---
22
22
23
-
# Advanced hunting in Microsoft Defender multi-tenant management
23
+
# Advanced hunting in Microsoft Defender multitenant management
24
24
25
-
Advanced hunting in Microsoft Defender multi-tenant management allows you to proactively hunt for intrusion attempts and breach activity in email, data, devices, and accounts across multiple tenants and workspaces at the same time. If you have multiple tenants with Microsoft Sentinel workspaces onboarded to the Microsoft Defender portal, search for security information and event management (SIEM) data together with extended detection and response (XDR) data across multiple tenants and workspaces.
25
+
Advanced hunting in Microsoft Defender multitenant management allows you to proactively hunt for intrusion attempts and breach activity in email, data, devices, and accounts across multiple tenants and workspaces at the same time. If you have multiple tenants with Microsoft Sentinel workspaces onboarded to the Microsoft Defender portal, search for security information and event management (SIEM) data together with extended detection and response (XDR) data across multiple tenants and workspaces.
26
26
27
-
Multiple workspaces per tenant are supported in multi-tenant Advanced hunting as preview.
27
+
Multiple workspaces per tenant are supported in multitenant Advanced hunting as preview.
28
28
29
29
## Run cross-tenant queries
30
30
31
-
You can run any query that you already have access to in the multi-tenant management **Advanced hunting** page.
31
+
You can run any query that you already have access to in the multitenant management **Advanced hunting** page.
32
32
33
33
1. Queries listed on the **Queries** tab are filtered by tenant. Select a tenant to view the queries available for each one.
34
34
@@ -91,7 +91,7 @@ You can also manage custom detection rules from multiple tenants in the custom d
91
91
1. To view custom detection rules, go to the [Custom detection rules page](https://mto.security.microsoft.com/v2/custom_detection) in Microsoft Defender multitenant management.
92
92
2. View the **Tenant name** column to see which tenant the detection rule comes from:
93
93
94
-
:::image type="content" source="media/mto-advanced-hunting/mto-custom-detection-tenant-name.png" alt-text="Screenshot of the Microsoft Defender XDR multi-tenant custom detection page" lightbox="media/mto-advanced-hunting/mto-custom-detection-tenant-name.png":::
94
+
:::image type="content" source="media/mto-advanced-hunting/mto-custom-detection-tenant-name.png" alt-text="Screenshot of the Microsoft Defender XDR multitenant custom detection page" lightbox="media/mto-advanced-hunting/mto-custom-detection-tenant-name.png":::
95
95
96
96
To view only a specific tenant's custom detection rules, select **Filter**, choose the tenant or tenants and select **Apply**.
0 commit comments