deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-18 00:07:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

auditd notice

Browse Source
This commit is contained in:
Mati Goldberg 2020-11-16 21:37:39 +02:00
parent 700f528cec
commit 5336b80da8
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md
View File

@ -92,6 +92,10 @@ If you experience any installation failures, refer to [Troubleshooting installat
After you've enabled the service, you may need to configure your network or firewall to allow outbound connections between it and your endpoints.
- Audit framework (`auditd`) must be enabled.
>[!NOTE]
> System events captured by rules added to `audit.logs` will add to audit logs and might affect host auditing and upstream collection. Events added by Microsoft Defender for Endopoint for Linux will be tagged with `mdatp` key.
### Network connections
The following downloadable spreadsheet lists the services and their associated URLs that your network must be able to connect to. You should ensure that there are no firewall or network filtering rules that would deny access to these URLs. If there are, you may need to create an *allow* rule specifically for them.