Not a user yet?
Log in Register for free Suggest a product
Update

Storage aggregated logs in XDR's Advanced Hunting (Preview)

Defender for CloudDefender for Cloud
Microsoft
Update from patrick-devicebaseUpdate from:
patrick-devicebase (expert)

August 2025

Storage aggregated logs in XDR's Advanced Hunting (Preview)
The new CloudStorageAggregatedEvents table is now available in Microsoft Defender XDR’s Advanced Hunting experience. It brings aggregated storage activity logs, such as operations, authentication details, access sources, and success/failure counts, from Defender for Cloud into a single, queryable schema. The aggregation reduces noise, improves performance, and provides a high-level view of storage access patterns to support more effective threat detection and investigation.

The logs are available at no additional cost as part of the new per-storage account plan in Defender for Storage. For more information, visit CloudStorageAggregatedEvents (Preview).

Version: August 2025 Link
More updatesTo the product
Receive Important Update Messages Stay tuned for upcoming Microsoft Defender for Cloud updates

More from the Apps & Software section

Was the content helpful to you?

Advertisement Advertise here?
Banner Logitech