From c08726b30e05b59bca12cf411890abf3e2f112b9 Mon Sep 17 00:00:00 2001 From: TimShererWithAquent Date: Thu, 20 Aug 2020 11:06:37 -0700 Subject: [PATCH 1/3] Edit descriptions for SEO. --- .../microsoft-defender-atp/get-file-information.md | 2 +- .../microsoft-defender-atp/get-file-related-alerts.md | 2 +- .../microsoft-defender-atp/get-file-related-machines.md | 2 +- .../microsoft-defender-atp/get-file-statistics.md | 2 +- .../microsoft-defender-atp/get-machine-by-id.md | 2 +- .../microsoft-defender-atp/get-machine-log-on-users.md | 2 +- .../microsoft-defender-atp/get-machine-related-alerts.md | 2 +- .../microsoft-defender-atp/get-machineaction-object.md | 2 +- .../microsoft-defender-atp/get-machineactions-collection.md | 2 +- .../microsoft-defender-atp/get-machinegroups-collection.md | 2 +- .../threat-protection/microsoft-defender-atp/get-machines.md | 2 +- .../get-machinesecuritystates-collection.md | 2 +- .../microsoft-defender-atp/get-ti-indicators-collection.md | 2 +- .../microsoft-defender-atp/get-user-information.md | 2 +- .../microsoft-defender-atp/get-user-related-machines.md | 2 +- .../microsoft-defender-atp/investigate-behind-proxy.md | 2 +- .../threat-protection/microsoft-defender-atp/isolate-machine.md | 2 +- .../threat-protection/microsoft-defender-atp/machine.md | 2 +- .../threat-protection/microsoft-defender-atp/machineaction.md | 2 +- .../microsoft-defender-atp/manage-suppression-rules.md | 2 +- .../microsoft-defender-atp/post-ti-indicator.md | 2 +- 21 files changed, 21 insertions(+), 21 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-file-information.md b/windows/security/threat-protection/microsoft-defender-atp/get-file-information.md index db2c9f018f..12b129b43f 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-file-information.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-file-information.md @@ -1,6 +1,6 @@ --- title: Get file information API -description: Retrieves a file by identifier Sha1, Sha256, or MD5. +description: Learn how to use the Get file information API to get a file by Sha1, Sha256, or MD5 identifier in Microsoft Defender Advanced Threat Protection. keywords: apis, graph api, supported apis, get, file, information, sha1, sha256, md5 search.product: eADQiWindows 10XVcnh ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-file-related-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/get-file-related-alerts.md index 5ea61a7554..446e50982d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-file-related-alerts.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-file-related-alerts.md @@ -1,6 +1,6 @@ --- title: Get file related alerts API -description: Retrieves a collection of alerts related to a given file hash. +description: Learn how to use the Get file related alerts API to get a collection of alerts related to a given file hash in Microsoft Defender Advanced Threat Protection. keywords: apis, graph api, supported apis, get, file, hash search.product: eADQiWindows 10XVcnh ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-file-related-machines.md b/windows/security/threat-protection/microsoft-defender-atp/get-file-related-machines.md index 480f952df9..029c7fc1d5 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-file-related-machines.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-file-related-machines.md @@ -1,6 +1,6 @@ --- title: Get file related machines API -description: Retrieves a collection of devices related to a given file hash. +description: Learn how to use the Get file related machines API to get a collection of machines related to a file hash in Microsoft Defender Advanced Threat Protection. keywords: apis, graph api, supported apis, get, devices, hash search.product: eADQiWindows 10XVcnh ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-file-statistics.md b/windows/security/threat-protection/microsoft-defender-atp/get-file-statistics.md index b6abc23c5f..6f35b59012 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-file-statistics.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-file-statistics.md @@ -1,6 +1,6 @@ --- title: Get file statistics API -description: Retrieves the prevalence for the given file. +description: Learn how to use the Get file statistics API to retrieve the statistics for the given file in Microsoft Defender Advanced Threat Protection. keywords: apis, graph api, supported apis, get, file, statistics search.product: eADQiWindows 10XVcnh ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machine-by-id.md b/windows/security/threat-protection/microsoft-defender-atp/get-machine-by-id.md index 91b44caf50..decd49aa4b 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-machine-by-id.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-machine-by-id.md @@ -1,6 +1,6 @@ --- title: Get machine by ID API -description: Retrieves a device entity by ID. +description: Learn how to use the Get machine by ID API retrieves specific machine by its device ID or computer name in Microsoft Defender Advanced Threat Protection. keywords: apis, graph api, supported apis, get, devices, entity, id search.product: eADQiWindows 10XVcnh ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machine-log-on-users.md b/windows/security/threat-protection/microsoft-defender-atp/get-machine-log-on-users.md index fc56069b04..9856c6c603 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-machine-log-on-users.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-machine-log-on-users.md @@ -1,6 +1,6 @@ --- title: Get machine log on users API -description: Retrieve a collection of logged on users on a specific device using Microsoft Defender ATP APIs. +description: Learn how to use the Get machine log on users API to retrieve a collection of logged on users on a device in Microsoft Defender Advanced Threat Protection. keywords: apis, graph api, supported apis, get, device, log on, users search.product: eADQiWindows 10XVcnh ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machine-related-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/get-machine-related-alerts.md index e8fb105671..2aa5a05832 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-machine-related-alerts.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-machine-related-alerts.md @@ -1,6 +1,6 @@ --- title: Get machine related alerts API -description: Retrieves a collection of alerts related to a given device ID. +description: Learn how to use the Get machine related alerts API to retrieve all alerts related to a specific device in Microsoft Defender Advanced Threat Protection. keywords: apis, graph api, supported apis, get, devices, related, alerts search.product: eADQiWindows 10XVcnh ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machineaction-object.md b/windows/security/threat-protection/microsoft-defender-atp/get-machineaction-object.md index dbcaf5b6fb..abd2981676 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-machineaction-object.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-machineaction-object.md @@ -1,6 +1,6 @@ --- title: Get MachineAction object API -description: Use this API to create calls related to get machineaction object +description: Learn how to use the Get MachineAction API to retrieve a specific Machine Action by its ID in Microsoft Defender Advanced Threat Protection. keywords: apis, graph api, supported apis, machineaction object search.product: eADQiWindows 10XVcnh ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machineactions-collection.md b/windows/security/threat-protection/microsoft-defender-atp/get-machineactions-collection.md index 08f5fff7d0..c8a2ee671c 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-machineactions-collection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-machineactions-collection.md @@ -1,6 +1,6 @@ --- title: List machineActions API -description: Use the Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) API to create calls related to get machineactions collection. +description: Learn how to use the List MachineActions API to retrieve a collection of Machine Actions in Microsoft Defender Advanced Threat Protection. keywords: apis, graph api, supported apis, machineaction collection search.product: eADQiWindows 10XVcnh ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machinegroups-collection.md b/windows/security/threat-protection/microsoft-defender-atp/get-machinegroups-collection.md index 8dca334083..b3de168061 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-machinegroups-collection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-machinegroups-collection.md @@ -1,6 +1,6 @@ --- title: Get RBAC machine groups collection API -description: Retrieves a collection of RBAC device groups. +description: Learn how to use the Get KB collection API to retrieve a collection of RBAC device groups in Microsoft Defender Advanced Threat Protection. keywords: apis, graph api, supported apis, get, RBAC, group search.product: eADQiWindows 10XVcnh search.appverid: met150 diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machines.md b/windows/security/threat-protection/microsoft-defender-atp/get-machines.md index 93303b75fa..5c24fe2ff9 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-machines.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-machines.md @@ -1,6 +1,6 @@ --- title: List machines API -description: Retrieves a collection of recently seen devices. +description: Learn how to use the List machines API to retrieve a collection of machines that have communicated with Microsoft Defender ATP cloud. keywords: apis, graph api, supported apis, get, devices search.product: eADQiWindows 10XVcnh ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machinesecuritystates-collection.md b/windows/security/threat-protection/microsoft-defender-atp/get-machinesecuritystates-collection.md index 5fed8ccf11..9c22b88199 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-machinesecuritystates-collection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-machinesecuritystates-collection.md @@ -1,6 +1,6 @@ --- title: Get machines security states collection API -description: Retrieve a collection of device security states using Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP. +description: Retrieve a collection of device security states using Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP). keywords: apis, graph api, supported apis, get, device, security, state search.product: eADQiWindows 10XVcnh search.appverid: met150 diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-ti-indicators-collection.md b/windows/security/threat-protection/microsoft-defender-atp/get-ti-indicators-collection.md index 7ac3ed480b..88927d6912 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-ti-indicators-collection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-ti-indicators-collection.md @@ -1,6 +1,6 @@ --- title: List Indicators API -description: Use this API to create calls related to get Indicators collection +description: Learn how to use the List Indicators API to retrieve a collection of all active Indicators in Microsoft Defender Advanced Threat Protection. keywords: apis, public api, supported apis, Indicators collection search.product: eADQiWindows 10XVcnh ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-user-information.md b/windows/security/threat-protection/microsoft-defender-atp/get-user-information.md index 026cdb7ca3..a5efe702fe 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-user-information.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-user-information.md @@ -1,6 +1,6 @@ --- title: Get user information API -description: Retrieve a User entity by key such as user name or domain. +description: Learn how to use the Get user information API to retrieve a User entity by key, or user name, in Microsoft Defender Advanced Threat Protection. keywords: apis, graph api, supported apis, get, user, user information search.product: eADQiWindows 10XVcnh ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-user-related-machines.md b/windows/security/threat-protection/microsoft-defender-atp/get-user-related-machines.md index e55f0b9188..7116b8080d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-user-related-machines.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-user-related-machines.md @@ -1,6 +1,6 @@ --- title: Get user related machines API -description: Retrieves a collection of devices related to a given user ID. +description: Learn how to use the Get user related machines API to retrieve a collection of devices related to a user ID in Microsoft Defender Advanced Threat Protection. keywords: apis, graph api, supported apis, get, user, user related alerts search.product: eADQiWindows 10XVcnh ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-behind-proxy.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-behind-proxy.md index 4bace3c6df..424ed0cb61 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/investigate-behind-proxy.md +++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-behind-proxy.md @@ -1,6 +1,6 @@ --- title: Investigate connection events that occur behind forward proxies -description: Investigate connection events that occur behind forward proxies +description: Learn how to use advanced HTTP level monitoring through network protection in Microsoft Defender ATP, which surfaces a real target, instead of a proxy. keywords: proxy, network protection, forward proxy, network events, audit, block, domain names, domain search.product: eADQiWindows 10XVcnh search.appverid: met150 diff --git a/windows/security/threat-protection/microsoft-defender-atp/isolate-machine.md b/windows/security/threat-protection/microsoft-defender-atp/isolate-machine.md index ca9dbdfdd3..d728d01fff 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/isolate-machine.md +++ b/windows/security/threat-protection/microsoft-defender-atp/isolate-machine.md @@ -1,6 +1,6 @@ --- title: Isolate machine API -description: Use this API to create calls related isolating a device. +description: Learn how to use the Isolate machine API to isolate a device from accessing external network in Microsoft Defender Advanced Threat Protection. keywords: apis, graph api, supported apis, isolate device search.product: eADQiWindows 10XVcnh ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/machine.md b/windows/security/threat-protection/microsoft-defender-atp/machine.md index 92e5b76fd8..e0c0e5b9b1 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/machine.md +++ b/windows/security/threat-protection/microsoft-defender-atp/machine.md @@ -1,6 +1,6 @@ --- title: Machine resource type -description: Retrieves top machines +description: Learn about the methods and properties of the Machine resource type in Microsoft Defender Advanced Threat Protection. keywords: apis, supported apis, get, machines search.product: eADQiWindows 10XVcnh ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/machineaction.md b/windows/security/threat-protection/microsoft-defender-atp/machineaction.md index 930d43341f..be98dcc681 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/machineaction.md +++ b/windows/security/threat-protection/microsoft-defender-atp/machineaction.md @@ -1,6 +1,6 @@ --- title: machineAction resource type -description: Quickly respond to detected attacks by isolating machines or collecting an investigation package. +description: Learn about the methods and properties of the MachineAction resource type in Microsoft Defender Advanced Threat Protection. keywords: apis, supported apis, get, machineaction, recent search.product: eADQiWindows 10XVcnh ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-suppression-rules.md b/windows/security/threat-protection/microsoft-defender-atp/manage-suppression-rules.md index 04bb26271d..6b4210212e 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/manage-suppression-rules.md +++ b/windows/security/threat-protection/microsoft-defender-atp/manage-suppression-rules.md @@ -1,6 +1,6 @@ --- title: Manage Microsoft Defender Advanced Threat Protection suppression rules -description: Manage suppression rules +description: You might need to prevent alerts from appearing in the portal by using suppression rules. Learn how to manage your suppression rules in Microsoft Defender ATP. keywords: manage suppression, rules, rule name, scope, action, alerts, turn on, turn off search.product: eADQiWindows 10XVcnh search.appverid: met150 diff --git a/windows/security/threat-protection/microsoft-defender-atp/post-ti-indicator.md b/windows/security/threat-protection/microsoft-defender-atp/post-ti-indicator.md index 5e1fd0cad0..63ca10ace1 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/post-ti-indicator.md +++ b/windows/security/threat-protection/microsoft-defender-atp/post-ti-indicator.md @@ -1,6 +1,6 @@ --- title: Submit or Update Indicator API -description: Use this API to submit or Update Indicator. +description: Learn how to use the Submit or Update Indicator API to submit or update a new Indicator entity in Microsoft Defender Advanced Threat Protection. keywords: apis, graph api, supported apis, submit, ti, indicator, update search.product: eADQiWindows 10XVcnh ms.prod: w10 From 24ccffe9ba584ea3809de052c4d8f72ee0a70c76 Mon Sep 17 00:00:00 2001 From: TimShererWithAquent Date: Fri, 21 Aug 2020 08:08:20 -0700 Subject: [PATCH 2/3] Additional fixes. --- .../microsoft-defender-atp/get-machine-by-id.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machine-by-id.md b/windows/security/threat-protection/microsoft-defender-atp/get-machine-by-id.md index decd49aa4b..832b6cd185 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-machine-by-id.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-machine-by-id.md @@ -1,6 +1,6 @@ --- title: Get machine by ID API -description: Learn how to use the Get machine by ID API retrieves specific machine by its device ID or computer name in Microsoft Defender Advanced Threat Protection. +description: Learn how to use the Get machine by ID API to retrieve a machine by its device ID or computer name in Microsoft Defender Advanced Threat Protection. keywords: apis, graph api, supported apis, get, devices, entity, id search.product: eADQiWindows 10XVcnh ms.prod: w10 From 31c54b6eef13632540b54ffa7ae8ea3fa1f4c872 Mon Sep 17 00:00:00 2001 From: TimShererWithAquent Date: Fri, 21 Aug 2020 08:17:19 -0700 Subject: [PATCH 3/3] Simple fix for unconnected issue. --- .../microsoft-defender-atp/isolate-machine.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/isolate-machine.md b/windows/security/threat-protection/microsoft-defender-atp/isolate-machine.md index d728d01fff..a74c4a0187 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/isolate-machine.md +++ b/windows/security/threat-protection/microsoft-defender-atp/isolate-machine.md @@ -84,13 +84,13 @@ Here is an example of the request. [!include[Improve request performance](../../includes/improve-request-performance.md)] -``` +```console POST https://api.securitycenter.windows.com/api/machines/1e5bc9d7e413ddd7902c2932e418702b84d0cc07/isolate Content-type: application/json { "Comment": "Isolate machine due to alert 1234", “IsolationType”: “Full” } - +``` - To unisolate a device, see [Release device from isolation](unisolate-machine.md).