Hello, I want to create an alert based on certain events from this event log, but can't figure out how to make Dynatrace ingest it.
We have one Log storage configuration rule like this
and this works and default eventlogs are visible in Log viewer. I tried adding this Microsoft-Windows-Windows Defender/Operational
but nothing comes up. According to this documentation page I tried adding a full path to the evtx file, which is %SystemRoot%\System32\Winevt\Logs\Microsoft-Windows-Windows Defender%4Operational.evtx, but this also doesn't seem to work.
I tried to add the same in Custom log source configuration like this
but still no events show up even though there are new events happening, for example when I disable/enable realtime protection in Windows Security GUI.
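
A host-side check for the situation described above, as an added example that is not part of the original post and not Dynatrace tooling: it confirms on the monitored machine that the channel exists, is enabled, that its .evtx path resolves, and that toggling real-time protection produced events. It assumes the session has permission to read the channel; event IDs 5000 and 5001 are the Defender "real-time protection enabled/disabled" events.

```powershell
# Added diagnostic: run in PowerShell on the Windows host whose log should be ingested.
$channel = 'Microsoft-Windows-Windows Defender/Operational'

# 1. Does the channel exist under exactly this name, and is it enabled?
try {
    $log = Get-WinEvent -ListLog $channel -ErrorAction Stop
} catch {
    Write-Warning "Channel '$channel' not found or not readable: $($_.Exception.Message)"
    return
}
$log | Format-List LogName, IsEnabled, RecordCount, LastWriteTime, LogFilePath

# 2. Does the backing .evtx file resolve once %SystemRoot% is expanded?
$path = [Environment]::ExpandEnvironmentVariables($log.LogFilePath)
"{0} exists: {1}" -f $path, (Test-Path -LiteralPath $path)

# 3. Were real-time protection toggles recorded (5000 = enabled, 5001 = disabled)?
$filter = @{ LogName = $channel; Id = 5000, 5001 }
$events = Get-WinEvent -FilterHashtable $filter -MaxEvents 10 -ErrorAction SilentlyContinue
if (-not $events) {
    Write-Warning "No 5000/5001 events found; the problem is on the host, not in ingestion."
} else {
    $events | Select-Object TimeCreated, Id, LevelDisplayName, Message | Format-Table -Wrap
}
```

If all three steps succeed, the events exist locally under that channel name and the remaining gap is in the log source or storage rule configuration rather than on the Windows side.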