July 17, 2023, 9:14 p.m. | /u/Empty_Commercial4221

For [Blue|Purple] Teams in Cyber Defence www.reddit.com

Hi people,

I need some help on how to approach the matter: running (automating) a Logic App that not only starts the antivirus scan on an endpoint (using MS Defender) but also updates when the scan is successfully done / failed for whatever reason.

In most use cases simply starting the AV scan is enough, with the idea that potential findings would raise an alert/incident. In my use case, I need to verify the succeeded scan to be able to …
