Update custom-detection-rules.md

lomayor
2019-09-19 12:45:09 -07:00
parent c8e10af50e
commit 004b184373

@ -64,7 +64,7 @@ Your custom detection rule can automatically take actions on files or machines t
#### Actions on machines
These actions are automatically applied to machines in the `MachineId` column in the query results:
- **Isolate machine** — prevent the machine from connecting to the network. [Learn more about machine isolation](respond-machine-alerts.md#isolate-machines-from-the-network)
- **Isolate machine** — applies full network isolation, preventing the machine from connecting to any application or service, except for the Microsoft Defender ATP service. [Learn more about machine isolation](respond-machine-alerts.md#isolate-machines-from-the-network)
- **Collect investigation package** — collects machine information in a ZIP file. [Learn more about the investigation package](respond-machine-alerts.md#collect-investigation-package-from-machines)
- **Run antivirus scan** — perform a full Windows Defender Antivirus scan on the machine
- **Initiate investigation** — initiate an [automated investigation](automated-investigations.md) on the machine
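Review bot: The reworded **Isolate machine** bullet introduces "full network isolation" without saying what "full" is contrasted with, so a reader of this list cannot tell whether a less restrictive mode exists or can be chosen for a custom detection rule. Either drop "full" or add a short clause naming the alternative and stating that the rule always applies the full mode, leaving the details to the linked section. Since the list intro says these actions are "automatically applied to machines in the `MachineId` column in the query results", it would also help to note here that every machine returned by the query loses connectivity to everything except the Microsoft Defender ATP service, so the query should be scoped before this action is enabled. Minor style point: the new text uses "applies" while neighbouring bullets use "perform" and "initiate"; pick one verb form for the whole list.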