deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-20 21:03:42 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

add Mac quarantine location, ref ##6078

Browse Source 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
This commit is contained in:
Thomas Sjögren
2020-03-04 14:36:25 +01:00
parent 09d36cf13a
commit 1210b9189f
1 changed files with 8 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
windows/security/threat-protection/microsoft-defender-atp/mac-resources.md
View File

@ -13,7 +13,7 @@ author: dansimp
ms.localizationpriority: medium
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
ms.collection: M365-security-compliance
ms.topic: conceptual
---
@ -59,7 +59,7 @@ If you can reproduce a problem, please increase the logging level, run the syste
If an error occurs during installation, the installer will only report a general failure.
The detailed log will be saved to /Library/Logs/Microsoft/mdatp/install.log. If you experience issues during installation, send us this file so we can help diagnose the cause.
The detailed log will be saved to `/Library/Logs/Microsoft/mdatp/install.log`. If you experience issues during installation, send us this file so we can help diagnose the cause.
## Uninstalling
@ -72,6 +72,7 @@ There are several ways to uninstall Microsoft Defender ATP for Mac. Please note
### From the command line
- ```sudo rm -rf '/Applications/Microsoft Defender ATP.app'```
- ```sudo rm -rf '/Library/Application Support/Microsoft/Defender/'```
## Configuring from the command line
@ -98,6 +99,10 @@ Important tasks, such as controlling product settings and triggering on-demand s
|EDR |Add group tag to machine. EDR tags are used for managing machine groups. For more information, please visit https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/machine-groups |`mdatp --edr --set-tag GROUP [name]` |
|EDR |Remove group tag from machine |`mdatp --edr --remove-tag [name]` |
## Client Microsoft Defender ATP quarantine directory
`/Library/Application Support/Microsoft/Defender/quarantine/` contains the files quarantined by `mdatp`. The files are named after the threat trackingId. The current trackingIds is shown with `mdatp --threat --list --pretty`.
## Microsoft Defender ATP portal information
In the Microsoft Defender ATP portal, you'll see two categories of information.
@ -121,6 +126,6 @@ Device information, including:
- Computer model
- Processor architecture
- Whether the device is a virtual machine
> [!NOTE]
> Certain device information might be subject to upcoming releases. To send us feedback, use the Microsoft Defender ATP for Mac app and select **Help** > **Send feedback** on your device. Optionally, use the **Feedback** button in the Microsoft Defender Security Center.