Defender for Endpointから脆弱性月次レポートを自動送信
Power Automateを使って、Defender for Endpoint(旧称:Defender ATP)の脆弱性月次レポートを毎月1日にメールにて自動配信させます。
![](https://365cloud.jp/wordpress/wp-content/uploads/2020/05/defenderatppowerautomate01.jpg)
![](https://365cloud.jp/wordpress/wp-content/uploads/2020/05/defenderatppowerautomate02-1024x555.jpg)
![](https://365cloud.jp/wordpress/wp-content/uploads/2020/05/defenderatppowerautomate03-1024x555.jpg)
![](https://365cloud.jp/wordpress/wp-content/uploads/2020/05/defenderatppowerautomate04-1024x555.jpg)
![](https://365cloud.jp/wordpress/wp-content/uploads/2020/05/defenderatppowerautomate05-1024x555.jpg)
![](https://365cloud.jp/wordpress/wp-content/uploads/2020/05/defenderatppowerautomate06-1024x555.jpg)
![](https://365cloud.jp/wordpress/wp-content/uploads/2020/05/defenderatppowerautomate07.jpg)
高度なハンティングクエリを使って、メールに添付するレポートCSVファイルのクエリを記述します。
DeviceTvmSoftwareInventoryVulnerabilities
| project DeviceName, SoftwareName, CveId, SoftwareVersion, VulnerabilitySeverityLevel
| join (DeviceTvmSoftwareVulnerabilitiesKB
| project AffectedSoftware, VulnerabilityDescription , CveId , CvssScore , IsExploitAvailable
)
on CveId
| project CveId , SoftwareName , SoftwareVersion , VulnerabilityDescription , VulnerabilitySeverityLevel, IsExploitAvailable , CvssScore
| distinct SoftwareName , SoftwareVersion, CveId, VulnerabilityDescription , VulnerabilitySeverityLevel, IsExploitAvailable
| sort by SoftwareName asc , SoftwareVersion
![](https://365cloud.jp/wordpress/wp-content/uploads/2020/05/defenderatppowerautomate08-1024x555.jpg)
![](https://365cloud.jp/wordpress/wp-content/uploads/2020/05/defenderatppowerautomate09-1024x555.jpg)
![](https://365cloud.jp/wordpress/wp-content/uploads/2020/05/defenderatppowerautomate10-1024x555.jpg)
![](https://365cloud.jp/wordpress/wp-content/uploads/2020/05/defenderatppowerautomate11-1024x555.jpg)
![](https://365cloud.jp/wordpress/wp-content/uploads/2020/05/defenderatppowerautomate12-1024x555.jpg)
![](https://365cloud.jp/wordpress/wp-content/uploads/2020/05/defenderatppowerautomate13-1024x555.jpg)
![](https://365cloud.jp/wordpress/wp-content/uploads/2020/05/defenderatppowerautomate14-1024x555.jpg)
メール本文に掲載するレポートのクエリを記述します。
DeviceTvmSoftwareInventoryVulnerabilities
| project DeviceName, SoftwareName, CveId, SoftwareVersion, VulnerabilitySeverityLevel
| join (DeviceTvmSoftwareVulnerabilitiesKB
| project AffectedSoftware, VulnerabilityDescription , CveId , CvssScore , IsExploitAvailable
)
on CveId
| project CveId , SoftwareName , SoftwareVersion , VulnerabilityDescription , VulnerabilitySeverityLevel, IsExploitAvailable , CvssScore
| distinct SoftwareName , SoftwareVersion, CveId, VulnerabilityDescription , VulnerabilitySeverityLevel, IsExploitAvailable
| summarize count() by VulnerabilitySeverityLevel
| sort by VulnerabilitySeverityLevel nulls last
![](https://365cloud.jp/wordpress/wp-content/uploads/2020/05/defenderatppowerautomate15-1024x555.jpg)
![](https://365cloud.jp/wordpress/wp-content/uploads/2020/05/defenderatppowerautomate16-1024x555.jpg)
![](https://365cloud.jp/wordpress/wp-content/uploads/2020/05/defenderatppowerautomate17-1024x555.jpg)
![](https://365cloud.jp/wordpress/wp-content/uploads/2020/05/defenderatppowerautomate18-1024x555.jpg)
![](https://365cloud.jp/wordpress/wp-content/uploads/2020/05/defenderatppowerautomate19-1024x555.jpg)
![](https://365cloud.jp/wordpress/wp-content/uploads/2020/05/defenderatppowerautomate20-1024x555.jpg)
![](https://365cloud.jp/wordpress/wp-content/uploads/2020/05/defenderatppowerautomate21-1024x555.jpg)
![](https://365cloud.jp/wordpress/wp-content/uploads/2020/05/defenderatppowerautomate22-1024x555.jpg)
![](https://365cloud.jp/wordpress/wp-content/uploads/2020/05/defenderatppowerautomate23-1024x1011.jpg)
![](https://365cloud.jp/wordpress/wp-content/uploads/2020/05/defenderatppowerautomate24-1024x557.jpg)
![お気軽にお問い合わせください。お問合せする](https://365cloud.jp/wordpress/wp-content/themes/365cloud/img/banner-contact.jpg)