Hi @LeifDavisson , Yes, Defender for Identity can monitor non domain joined devices on the network. You can read the Microsoft documentation on this capability here. All you need to do is install the Microsoft Monitoring Agent on the non-domain joined servers to enable Defender for Identity to collect security events and logs. You can follow the guide on how to do so from this page.
Non-Domain connected PC management
LeifDavisson
41
Reputation points
Does anyone know if D4ID can pull logs on a non-domain joined windows machine? We have some Sensitive Servers that are not Domain joined but need to be monitored for local login by admins.
Is this something that Defender 4 ID can do?