home home
Other Sites
  • ArcticWolf.com
  • Unified Portal
  • Arctic Circle Community
  • Technical Support Knowledge Base
Request a Demo Internal Documentation
  • Aurora Endpoint Security
  • Managed Detection and Response (MDR)
  • Managed Risk
  • Managed Security Awareness (MA)
  • Incident Readiness and Response
  • Arctic Wolf Unified Portal
  • MSP Portal
  • Authentication
  • Sensors, Scanners, and Log Collectors
  • Arctic Wolf Agent
  • Onboarding Portal
  • Active Response, Log Forwarding, and Security Monitoring
  • Active Directory
  • Cloud Security Posture Management (CSPM)
  • IT Service Management (ITSM)
  • Developer and OEM
  • Product Updates
  • Additional Information about Products and Services
  • Legacy Risk Dashboard
  • Legacy Analytics
  • English
  • 日本語
  • Deutsch
  • Français
Sign In
  • Aurora Endpoint Security
  • Managed Detection and Response (MDR)
  • Managed Risk
  • Managed Security Awareness (MA)
  • Incident Readiness and Response
  • Arctic Wolf Unified Portal
  • MSP Portal
  • Authentication
  • Sensors, Scanners, and Log Collectors
  • Arctic Wolf Agent
  • Onboarding Portal
  • Active Response, Log Forwarding, and Security Monitoring
  • Active Directory
  • Cloud Security Posture Management (CSPM)
  • IT Service Management (ITSM)
  • Developer and OEM
  • Product Updates
  • Additional Information about Products and Services
  • Legacy Risk Dashboard
  • Legacy Analytics
  • English
  • 日本語
  • Deutsch
  • Français
Sign In

Active Response, Log Forwarding, and Security Monitoring

You can configure various Microsoft Defender XDR® products to send the necessary logs to Arctic Wolf® for security monitoring.

Active Response, Log Forwarding, and Security Monitoring
  • Cloud Detection and Response Integrations
    • Cloud Detection and Response Overview
    • Cloud Detection and Response Integrations
    • Configure Abnormal Cloud Email Security
    • Configure Amazon Web Services (AWS)
      • Configure AWS
        • Step 1: Configure AWS Accounts
        • Step 2: Configure AWS CloudTrail Events
        • Step 3: Configure Amazon GuardDuty
          • Configure Amazon GuardDuty
          • Configure GuardDuty – Single Account
          • Configure GuardDuty – Multiple Accounts with AWS Control Tower
          • Configure GuardDuty – Multiple Accounts with AWS Organizations
        • Optional: Configure AWS Security Hub
        • Optional: Configure AWS WAF
        • Optional: Configure AWS S3 Buckets
      • Update AWS CloudFormation Stacks
      • AWS Permissions Granted to Arctic Wolf
      • Supported AWS Regions
    • Configure Auth0
      • Configure Auth0
      • Generate New Token – Auth0
    • Configure Box
    • Configure Cato SSE 360
    • Configure Cisco Duo
    • Configure Cisco Meraki
    • Configure Cisco Secure Email
    • Configure Cisco Umbrella
      • Configure Cisco Umbrella
      • Remove Cisco Umbrella
      • Refresh Cisco Umbrella Credentials
    • Configure CyberArk
      • Configure CyberArk Identity Security Platform
      • Configure CyberArk Privilege Cloud
    • Configure Google Cloud Platform (GCP)
    • Configure Google Workspace
    • Configure iManage Threat Manager
      • Configure iManage Threat Manager
      • Refresh iManage Threat Manager Credentials
    • Configure JumpCloud Directory Insights
    • Configure Microsoft 365
      • Configure Microsoft 365 - Deployment Application
      • Configure Microsoft 365 - Manual
      • Refresh Microsoft 365 Credentials
    • Configure Microsoft Azure
      • Configure Microsoft Azure
        • Deployment application
        • Manual without CloudShell
      • Remove Microsoft Azure App
      • Refresh Microsoft Azure Credentials
      • Supported Microsoft Azure Regions
    • Configure Microsoft Defender XDR
      • Microsoft Defender XDR – Graph API
        • Configure Microsoft Defender XDR – Graph API
        • Refresh Microsoft Defender XDR Credentials
      • Microsoft Defender XDR – Azure Event Hubs
        • Configure Microsoft Defender XDR – Azure Event Hubs
        • Increase Microsoft Defender XDR Azure Event Hubs Partition Count
    • Configure Mimecast
      • Configure Mimecast
      • Delete Mimecast API 1.0 Application
    • Configure Netskope
      • Configure Netskope
      • Refresh Netskope Credentials
    • Configure Okta
    • Configure OneLogin
    • Configure Oracle Cloud Guard
    • Configure PAN Prisma Access
      • Configure PAN Prisma Access
      • PAN Prisma Access Log Types
      • Troubleshoot PAN Prisma Access
    • Configure PingOne
    • Configure Proofpoint Targeted Attack Protection (TAP)
    • Configure Salesforce
    • Configure Wiz
    • Configure Zscaler Internet Access (ZIA) – Cloud
      • Configure Zscaler Internet Access (ZIA) Cloud
      • Generate New Webhook Token
Home ▸ Active Response, Log Forwarding, and Security Monitoring ▸ Cloud Detection and Response Integrations
Share this page
  • LinkedIn
  • X
  • Facebook
  • Email
Print page

Configure Microsoft Defender XDR for Arctic Wolf log monitoring

You can configure various Microsoft Defender XDR® products to send the necessary logs to Arctic Wolf® for security monitoring.

Do one of these actions:
  • Configure Microsoft Defender XDR with Graph API for Arctic Wolf monitoring
  • Configure Microsoft Defender XDR with Azure Event Hubs for Arctic Wolf monitoring
Cloud Detection and Response (CDR) Integrations and Log Forwarding Managed Detection and Response (MDR) Installation or Configuration Public

Last updated: March 30, 2026

Previous Supported Microsoft Azure Regions Next Microsoft Defender XDR – Graph API

Explore Topics

Aurora Endpoint Security Managed Detection and Response (MDR) Managed Risk Managed Security Awareness (MA) Incident Readiness and Response Arctic Wolf Unified Portal MSP Portal Authentication Sensors, Scanners, and Log Collectors Arctic Wolf Agent Onboarding Portal Active Response, Log Forwarding, and Security Monitoring Active Directory Cloud Security Posture Management (CSPM) IT Service Management (ITSM) Developer and OEM Product Updates Additional Information about Products and Services Legacy Risk Dashboard Legacy Analytics
Arctic Wolf Help Documentation
Privacy Policy
Terms of Use
Cookie Policy
Accessibility Statement
Information Security
Sustainability Statement
© 2026 Arctic Wolf Networks Inc. All Rights Reserved.