Microsoft 365 Defender API 许可证和使用条款Microsoft 365 Defender APIs license and terms of use


改进的 Microsoft 365 安全中心现在可用。The improved Microsoft 365 security center is now available. 此新体验将 Defender for Endpoint、Defender for Office、365 Microsoft 365 Defender 等引入了 Microsoft 365 安全中心。This new experience brings Defender for Endpoint, Defender for Office 365, Microsoft 365 Defender, and more into the Microsoft 365 security center. 了解新增功能Learn what's new.

适用于:Applies to:

  • Microsoft 365 DefenderMicrosoft 365 Defender


某些信息与预发布的产品有关,在商业发布之前可能有重大修改。Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft 对此处所提供的信息不作任何明示或默示的保证。Microsoft makes no warranties, express or implied, with respect to the information provided here.

正式条款Official terms

Microsoft 365 Defender API 受 Microsoft API 许可证和使用条款约束Microsoft 365 Defender APIs are governed by the Microsoft APIs license and terms of use.

Microsoft 和任何参与者根据 Creative Commons Attribution 4.0 国际公共许可证授予你 Microsoft 文档以及此存储库中的其他内容的许可证。 Microsoft and any contributors grant you a license to the Microsoft documentation and other content in this repository, under the Creative Commons Attribution 4.0 International Public License. 有关详细信息,请参阅 LICENSE 文件。For more information, see the LICENSE file.

本文档中引用的 Microsoft、Windows、Microsoft Azure 和/或其他 Microsoft 产品和服务可能是 Microsoft 在美国和/或其他国家/地区中的商标或注册商标。Microsoft, Windows, Microsoft Azure and/or other Microsoft products and services referenced in the documentation may be either trademarks or registered trademarks of Microsoft in the United States and/or other countries.

此项目的许可证不授予你使用任何 Microsoft 名称、徽标或商标的权利。The licenses for this project don't grant you rights to use any Microsoft names, logos, or trademarks. 可以在 Microsoft 商标上找到 Microsoft 的一般 商标准则Microsoft's general trademark guidelines can be found at Microsoft Trademarks.

隐私信息可在 Microsoft 隐私 上找到Privacy information can be found at Privacy at Microsoft.

Microsoft 和任何参与者保留所有其他权利,无论是其各自的版权、专利还是商标,无论是通过暗示、阻止拼写还是以其他方式。Microsoft and any contributors reserve all other rights, whether under their respective copyrights, patents, or trademarks, whether by implication, estoppel or otherwise.

其他限制Other restrictions

高级搜寻 API 对返回 的结果数和可查询的数据有一些限制。The advanced hunting API has some limitations on the number of results returned, and the data that can be queried.

  1. 只能查询过去 30 天的数据。You can only query data from the past 30 days.
  2. 结果最多包含 100,000 行。The results will include a maximum of 100,000 rows.

配额和资源分配Quotas and resource allocation

Microsoft 365 Defender API 具有限制阈值。The Microsoft 365 Defender APIs have throttling thresholds.

  • 事件 API: 每分钟最多 50 个调用或每小时 1500 个调用。Incidents API: Up to 50 calls per minute or 1500 calls per hour.
  • 高级搜寻 API: 每分钟最多 15 次调用,每小时 10 分钟运行时间,每天 4 小时运行时间。Advanced Hunting API: Up to 15 calls per minute, 10 minutes of running time per hour, and 4 hours of running time per day.

指示限制的 HTTP 响应状态代码为 429The HTTP response status code indicating throttling is 429.

如果请求受到限制,响应正文将指示可以开始再次提出请求的时间。If your request has been throttled, the response body will indicate the time when you can start making requests again.