deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-29 05:37:22 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

edits for linux exclusions

Browse Source
This commit is contained in:
Marty Hernandez Avedon 2020-09-23 13:01:56 -04:00
parent d71dde7786
commit 4134fce2dd
1 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md
View File

@ -46,6 +46,9 @@ File | A specific file identified by the full path | `/var/log/test.log`<br/>`/v
Folder | All files under the specified folder (recursively) | `/var/log/`<br/>`/var/*/`
Process | A specific process (specified either by the full path or file name) and all files opened by it | `/bin/cat`<br/>`cat`<br/>`c?t`
> [!IMPORTANT]
> The paths above must be hard links, not symbolic links, in order to be successfully excluded. You can check if a path is a symbolic link by running `file <path-name>`.
File, folder, and process exclusions support the following wildcards:
Wildcard | Description | Example | Matches | Does not match
@ -104,6 +107,16 @@ Examples:
```bash
mdatp exclusion folder add --path "/var/*/"
```
> [!NOTE]
> This will only exclude paths one level below */var/*, but not folders which are more deeply nested; for example, */var/this-subfolder/but-not-this-subfolder*.
```bash
mdatp exclusion folder add --path "/var/"
```
> [!NOTE]
> This will exclude all paths whose parent is */var/*; for example, */var/this-subfolder/and-this-subfolder-as-well*.
```Output
Folder exclusion configured successfully
```