Rinox
push · python · scheduled · hand-curated

Microsoft Defender for Endpoint → Microsoft Sentinel

Forward Defender for Endpoint alerts to a Sentinel custom log every 15 minutes

Polls the Microsoft Defender for Endpoint Graph API every 15 minutes and writes new alerts to a Sentinel custom log table with full machine and evidence context.

defender · sentinel · mde · push · moderate
Use case

Forward new Microsoft Defender for Endpoint alerts to a Sentinel custom log every 15 minutes, preserve evidence and machine context, and dedupe by alert id.


Used by 0 teams · Viewed 4 times · Last validated 5/17/2026