deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-16 15:27:22 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge pull request #8333 from martyav/martyav-mdatp-for-linux-update-exclusions

Browse Source 
edits for linux exclusions
This commit is contained in:
Clay Detels 2020-09-25 10:51:13 -07:00 committed by GitHub
commit 52decd552c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md
View File

@ -49,6 +49,9 @@ File | A specific file identified by the full path | `/var/log/test.log`<br/>`/v
Folder | All files under the specified folder (recursively) | `/var/log/`<br/>`/var/*/`
Process | A specific process (specified either by the full path or file name) and all files opened by it | `/bin/cat`<br/>`cat`<br/>`c?t`
> [!IMPORTANT]
> The paths above must be hard links, not symbolic links, in order to be successfully excluded. You can check if a path is a symbolic link by running `file <path-name>`.
File, folder, and process exclusions support the following wildcards:
Wildcard | Description | Example | Matches | Does not match
@ -107,6 +110,16 @@ Examples:
```bash
mdatp exclusion folder add --path "/var/*/"
```
> [!NOTE]
> This will only exclude paths one level below */var/*, but not folders which are more deeply nested; for example, */var/this-subfolder/but-not-this-subfolder*.
```bash
mdatp exclusion folder add --path "/var/"
```
> [!NOTE]
> This will exclude all paths whose parent is */var/*; for example, */var/this-subfolder/and-this-subfolder-as-well*.
```Output
Folder exclusion configured successfully
```