While leveraging Defender for Servers in the enterprise across clouds and on—premise both Plans 1 and 2 also deploys Defender for Endpoint giving you endpoint protection with Endpoint Detection and Response (EDR) and Threat Vulnerability Management (TVM).
very cool, looking through the 2 logs hmids and azcmagent I was not able to find MDE extension or information on the MDE onboarding script recorded... That said I didn't have an error recorded. I think those logs are Arc Agent communication to Azure relevant though and useful for tshooting Arc itself, which can be useful if Arc is disconnected or not communicating to end up receiving instructions on the Windows.MDE extension.
what about:
c:\programdata\azureconnectedmachineagent\logs
very cool, looking through the 2 logs hmids and azcmagent I was not able to find MDE extension or information on the MDE onboarding script recorded... That said I didn't have an error recorded. I think those logs are Arc Agent communication to Azure relevant though and useful for tshooting Arc itself, which can be useful if Arc is disconnected or not communicating to end up receiving instructions on the Windows.MDE extension.
Great post, thank you.