• Install & Activate
  • Troubleshooting
BEST Antivirus KBS : Largest Anti-Malware Knowlegde Base and Support
  • Install & Activate
  • Troubleshooting

Microsoft Defender for Endpoint device timeline event flags

/Download, Install & Active / Microsoft / Download, Install & Active / Microsoft / Microsoft Endpoint / Microsoft Defender for Endpoint device timeline event flags
  • December 25, 2021
  • BEST Antivirus Staff 2
  • Microsoft / Microsoft Endpoint

Contents

  1. Flag an event
  2. View flagged events
    1. Source : Official Microsoft Brand Editor by : BEST Antivirus KBS Team
0
(0)

Event flags in the Defender for Endpoint device timeline help you filter and organize specific events when you’re investigate potential attacks.

The Defender for Endpoint device timeline provides a chronological view of the events and associated alerts observed on a device. This list of events provides full visibility into any events, files, and IP addresses observed on the device. The list can sometimes be lengthy. Device timeline event flags help you track events that could be related.

After you’ve gone through a device timeline, you can sort, filter, and export the specific events that you flagged.

While navigating the device timeline, you can search and filter for specific events. You can set event flags by:

  • Highlighting the most important events
  • Marking events that requires deep dive
  • Building a clean breach timeline

Flag an event

  1. Find the event that you want to flag
  2. Click the flag icon in the Flag column. Image of device timeline flag.
  3. Click the flag icon in the Flag column.

    Image of device timeline flag

View flagged events

  1. In the timeline Filters section, enable Flagged events.
  2. Click Apply. Only flagged events are displayed. You can apply additional filters by clicking on the time bar. This will only show events prior to the flagged event.
    Image of device timeline flag with filter on.
  3. Click Apply. Only flagged events are displayed. You can apply additional filters by clicking on the time bar. This will only show events prior to the flagged event.

    Image of device timeline flag with filter on

Source : Official Microsoft Brand
Editor by : BEST Antivirus KBS Team

How useful was this post?

Click on a star to rate it!

Average rating 0 / 5. Vote count: 0

No votes so far! Be the first to rate this post.

(Visited 17 times, 1 visits today)
Tagged: MicrosoftMicrosoft for Endpoint

Related Articles

  • All about Microsoft

  • Overview of Microsoft 365 Lighthouse

  • Microsoft Defender for Business (preview) – Frequently asked questions and answers

  • Get help and support for Microsoft Defender for Business (preview)

  • Manage your custom rules for firewall policies in Microsoft Defender for Business (preview)

  • Firewall in Microsoft Defender for Business (preview)

ask or enter a search term

Top Rated Posts

5 (1)

Activate code Avast on Windows PC

5 (1)

[KB5699] Set the PIN in ESET Parental Control for Android

5 (2)

Getting started (app) (ESET)

5 (1)

[KB3239] How do I uninstall or reinstall ESET Cyber Security or ESET Cyber Security Pro?

5 (2)

[KB6842] Upgrade to ESET Cyber Security and ESET Cyber Security Pro version 6.6 fails on previous versions of macOS (10.6 – 10.8)

About

We are BEST Antivirus , Trusted Comparison and Cheap Antivirus Software 2020. KBS is Knowledge Base and Support : This page was created to guide customers through the installation and to resolve all the common errors of anti-virus software.

Partners

› Avast
› AVG
› BitDefender
› ESET
› Trend Micro
› All Partners

Resources

› Store
› Advertise
› Brand Reviews
› Review Platforms
› Contact Page
› Knowledge Base

  • Install & Activate
  • Troubleshooting
© Copyright by BEST Antivirus by SSG Limited