Microsoft Threat and Vulnerability Integration with Vulnerability Response
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
ā12-13-2022 03:49 AM
How to get only specific tags/machine tags from Microsoft defender(i.e TVM Threat and Vulnerability Management) into vulnerability response. Tried editing the integration parameter machine_filter with "onboardingStatus in ('Onboarded') and machineTags=='SRV_WIN_PRD'" as the value, but receive error "Invalid response code received from MicrosoftTVMMachinesIntegration: Bad Request 400".
Please help me if anyone had implemented any such thing earlier
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
ā03-23-2023 01:12 PM
Hello msd93 - Did you get a solution for this? I am also looking to implement this. Please share if anything worked out for you.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
ā04-06-2023 05:46 AM
any help with this would be awesome ... did you get a response
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
ā10-04-2023 05:17 AM - edited ā10-04-2023 05:18 AM
You have to use OData v4 syntax. To filter based on SRV_WIN_PRD machine tag, use the following query:
onboardingStatus in ('Onboarded') and machineTags/any(tag: tag eq 'SRV_WIN_PR')
