mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-05-14 14:27:22 +00:00
fix links add intro to toc
This commit is contained in:
Joey Caparas
parent
eba15dc3a3
commit
713af40356
@ -151,10 +151,7 @@
|
||||
|
||||
#### [Management and APIs](windows-defender-atp/management-apis.md)
|
||||
##### [Understand threat intelligence concepts](windows-defender-atp/threat-indicator-concepts-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
##### [Windows Defender ATP APIs](windows-defender-atp/apis-intro.md)
|
||||
|
||||
|
||||
##### [Managed security service provider support](windows-defender-atp/mssp-support-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
#### [Microsoft threat protection](windows-defender-atp/threat-protection-integration.md)
|
||||
|
||||
@ -84,7 +84,7 @@
|
||||
|
||||
### [Management and APIs](management-apis.md)
|
||||
#### [Understand threat intelligence concepts](threat-indicator-concepts-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
#### [Windows Defender ATP APIs](apis-intro.md)
|
||||
#### [Managed security service provider support](mssp-support-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
|
||||
|
||||
@ -24,7 +24,7 @@ Collect investigation package from a machine.
|
||||
[!include[Machine actions note](machineactionsnote.md)]
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
|
||||
@ -25,7 +25,7 @@ ms.date: 12/08/2017
|
||||
Enables using event data, as obtained from the [Advanced Hunting](run-advanced-query-api.md) for creating a new alert entity.
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
|
||||
@ -29,7 +29,7 @@ This page describe how to create an application to get programmatical access to
|
||||
|
||||
If you need programmatical access Windows Defender ATP without a user, refer to [Access Windows Defender ATP without a user](exposed-apis-create-app-webapp.md).
|
||||
|
||||
If you are not sure which access you need, read the [Introduction page](exposed-apis-intro.md).
|
||||
If you are not sure which access you need, read the [Introduction page](apis-intro.md).
|
||||
|
||||
Windows Defender ATP exposes much of its data and actions through a set of programmatic APIs. Those APIs will enable you to automate workflows and innovate based on Windows Defender ATP capabilities. The API access requires OAuth2.0 authentication. For more information, see [OAuth 2.0 Authorization Code Flow](https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-v2-protocols-oauth-code).
|
||||
|
||||
@ -170,6 +170,6 @@ Sanity check to make sure you got a correct token:
|
||||
```
|
||||
|
||||
## Related topics
|
||||
- [Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
- [Windows Defender ATP APIs](apis-intro.md)
|
||||
- [Supported Windows Defender ATP APIs](exposed-apis-list.md)
|
||||
- [Access Windows Defender ATP without a user](exposed-apis-create-app-webapp.md)
|
||||
@ -27,7 +27,7 @@ This page describes how to create an application to get programmatical access to
|
||||
|
||||
If you need programmatical access Windows Defender ATP on behalf of a user, see [Access Windows Defender ATP on behalf of a user](exposed-apis-create-app-nativeapp.md)
|
||||
|
||||
If you are not sure which access you need, see [Use Windows Defender ATP APIs](exposed-apis-intro.md).
|
||||
If you are not sure which access you need, see [Use Windows Defender ATP APIs](apis-intro.md).
|
||||
|
||||
Windows Defender ATP exposes much of its data and actions through a set of programmatic APIs. Those APIs will help you automate workflows and innovate based on Windows Defender ATP capabilities. The API access requires OAuth2.0 authentication. For more information, see [OAuth 2.0 Authorization Code Flow](https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-v2-protocols-oauth-code).
|
||||
|
||||
@ -215,6 +215,6 @@ Sanity check to make sure you got a correct token:
|
||||
```
|
||||
|
||||
## Related topics
|
||||
- [Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
- [Windows Defender ATP APIs](apis-intro.md)
|
||||
- [Supported Windows Defender ATP APIs](exposed-apis-list.md)
|
||||
- [Access Windows Defender ATP on behalf of a user](exposed-apis-create-app-nativeapp.md)
|
||||
@ -27,7 +27,7 @@ In this section we share PowerShell samples to
|
||||
- Use token to retrieve the latest alerts in Windows Defender ATP
|
||||
- For each alert, if the alert has medium or high priority and is still in progress, check how many times the machine has connected to suspicious URL.
|
||||
|
||||
>**Prerequisite**: You first need to [create an app](exposed-apis-intro.md).
|
||||
>**Prerequisite**: You first need to [create an app](apis-intro.md).
|
||||
|
||||
## Preparation Instructions
|
||||
|
||||
@ -112,7 +112,7 @@ $response
|
||||
|
||||
|
||||
## Related topic
|
||||
- [Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
- [Windows Defender ATP APIs](apis-intro.md)
|
||||
- [Advanced Hunting API](run-advanced-query-api.md)
|
||||
- [Advanced Hunting using Python](run-advanced-query-sample-python.md)
|
||||
- [Schedule Advanced Hunting](run-advanced-query-sample-ms-flow.md)
|
||||
|
||||
@ -36,4 +36,4 @@ Machines | Run API calls such as find machine information by IP, get machines, g
|
||||
User | Run API calls such as get alert related user information, user information, user related alerts, and user related machines.
|
||||
|
||||
## Related topic
|
||||
- [Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
- [Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
@ -28,7 +28,7 @@ Find a machine by internal IP.
|
||||
>The timestamp must be within the last 30 days.
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
|
||||
@ -24,7 +24,7 @@ ms.date: 12/08/2017
|
||||
- The given timestamp must be in the past 30 days.
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
|
||||
@ -22,7 +22,7 @@ ms.date: 12/08/2017
|
||||
Retrieves an alert by its ID.
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
|
||||
@ -22,7 +22,7 @@ ms.date: 12/08/2017
|
||||
Retrieves all domains related to a specific alert.
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
|
||||
@ -22,7 +22,7 @@ ms.date: 12/08/2017
|
||||
Retrieves all files related to a specific alert.
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
|
||||
@ -23,7 +23,7 @@ ms.date: 12/08/2017
|
||||
Retrieves all IPs related to a specific alert.
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
|
||||
@ -22,7 +22,7 @@ ms.date: 12/08/2017
|
||||
Retrieves machine that is related to a specific alert.
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
|
||||
@ -23,7 +23,7 @@ ms.date: 12/08/2017
|
||||
Retrieves the user associated to a specific alert.
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
|
||||
@ -25,7 +25,7 @@ Retrieves top recent alerts.
|
||||
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
|
||||
@ -27,7 +27,7 @@ ms.date: 12/08/2017
|
||||
Retrieves a collection of alerts related to a given domain address.
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
|
||||
@ -22,7 +22,7 @@ ms.date: 12/08/2017
|
||||
Retrieves a collection of machines that have communicated to or from a given domain address.
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
|
||||
@ -23,7 +23,7 @@ ms.date: 12/08/2017
|
||||
Retrieves the prevalence for the given domain.
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
|
||||
@ -24,7 +24,7 @@ ms.date: 12/08/2017
|
||||
Retrieves a file by identifier Sha1, Sha256, or MD5.
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
|
||||
@ -25,7 +25,7 @@ ms.date: 12/08/2017
|
||||
Retrieves a collection of alerts related to a given file hash.
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
|
||||
@ -23,7 +23,7 @@ ms.date: 12/08/2017
|
||||
Retrieves a collection of machines related to a given file hash.
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
|
||||
@ -27,7 +27,7 @@ ms.date: 12/08/2017
|
||||
Retrieves the prevalence for the given file.
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
|
||||
@ -23,7 +23,7 @@ ms.date: 12/08/2017
|
||||
Retrieves a collection of alerts related to a given IP address.
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
|
||||
@ -23,7 +23,7 @@ ms.date: 12/08/2017
|
||||
Retrieves a collection of machines that communicated with or from a particular IP.
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
|
||||
@ -25,7 +25,7 @@ ms.date: 12/08/2017
|
||||
Retrieves the prevalence for the given IP.
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
|
||||
@ -23,7 +23,7 @@ ms.date: 12/08/2017
|
||||
Retrieves a machine entity by ID.
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
|
||||
@ -23,7 +23,7 @@ ms.date: 12/08/2017
|
||||
Retrieves a collection of logged on users.
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
|
||||
@ -23,7 +23,7 @@ ms.date: 12/08/2017
|
||||
Retrieves a collection of alerts related to a given machine ID.
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
|
||||
@ -22,7 +22,7 @@ ms.date: 12/08/2017
|
||||
Get action performed on a machine.
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
|
||||
@ -25,7 +25,7 @@ ms.date: 12/08/2017
|
||||
Get MachineAction collection API supports [OData V4 queries](https://www.odata.org/documentation/).
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
|
||||
@ -22,7 +22,7 @@ ms.date: 12/08/2017
|
||||
Get a URI that allows downloading of an [investigation package](collect-investigation-package-windows-defender-advanced-threat-protection-new.md).
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
|
||||
@ -24,7 +24,7 @@ ms.date: 12/08/2017
|
||||
Retrieve a User entity by key (user name or domain\user).
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
|
||||
@ -22,7 +22,7 @@ ms.date: 12/08/2017
|
||||
Retrieves a collection of alerts related to a given user ID.
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
|
||||
@ -22,7 +22,7 @@ ms.date: 12/08/2017
|
||||
Retrieves a collection of machines related to a given user ID.
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
|
||||
@ -23,7 +23,7 @@ ms.date: 04/24/2018
|
||||
Answers whether a domain was seen in the organization.
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
|
||||
@ -24,7 +24,7 @@ ms.date: 12/08/2017
|
||||
Answers whether an IP was seen in the organization.
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
|
||||
@ -24,7 +24,7 @@ Isolates a machine from accessing external network.
|
||||
[!include[Machine actions note](machineactionsnote.md)]
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
|
||||
@ -24,7 +24,7 @@ Offboard machine from WDATP.
|
||||
[!include[Machine actions note](machineactionsnote.md)]
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
|
||||
@ -24,7 +24,7 @@ Restrict execution of all applications on the machine except a predefined set (s
|
||||
[!include[Machine actions note](machineactionsnote.md)]
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
|
||||
@ -32,7 +32,7 @@ This API is a beta version only and is currently restricted to the following act
|
||||
3. The number of executions is limited (up to 15 minutes every hour and 4 hours a day)
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
@ -145,7 +145,7 @@ Content-Type: application/json
|
||||
|
||||
|
||||
## Related topic
|
||||
- [Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
- [Windows Defender ATP APIs](apis-intro.md)
|
||||
- [Advanced Hunting from Portal](advanced-hunting-windows-defender-advanced-threat-protection.md)
|
||||
- [Advanced Hunting using PowerShell](run-advanced-query-sample-powershell.md)
|
||||
- [Schedule Advanced Hunting](run-advanced-query-sample-ms-flow.md)
|
||||
|
||||
@ -22,7 +22,7 @@ ms.date: 09/24/2018
|
||||
Schedule advanced query.
|
||||
|
||||
## Before you begin
|
||||
You first need to [create an app](exposed-apis-intro.md).
|
||||
You first need to [create an app](apis-intro.md).
|
||||
|
||||
## Use case
|
||||
|
||||
@ -83,6 +83,6 @@ You can find below the full definition
|
||||
|
||||
|
||||
## Related topic
|
||||
- [Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
- [Windows Defender ATP APIs](apis-intro.md)
|
||||
- [Advanced Hunting API](run-advanced-query-api.md)
|
||||
- [Advanced Hunting using PowerShell](run-advanced-query-sample-powershell.md)
|
||||
@ -128,7 +128,7 @@ If you want to use **user token** instead please refer to [this](run-advanced-qu
|
||||
|
||||
## Related topic
|
||||
- [Create custom Power BI reports with user authentication](run-advanced-query-sample-power-bi-user-token.md)
|
||||
- [Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
- [Windows Defender ATP APIs](apis-intro.md)
|
||||
- [Advanced Hunting API](run-advanced-query-api.md)
|
||||
- [Advanced Hunting using PowerShell](run-advanced-query-sample-powershell.md)
|
||||
- [Schedule Advanced Hunting](run-advanced-query-sample-ms-flow.md)
|
||||
|
||||
@ -112,7 +112,7 @@ You first need to [create an app](exposed-apis-create-app-nativeapp.md).
|
||||
|
||||
## Related topic
|
||||
- [Create custom Power BI reports with app authentication](run-advanced-query-sample-power-bi-app-token.md)
|
||||
- [Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
- [Windows Defender ATP APIs](apis-intro.md)
|
||||
- [Advanced Hunting API](run-advanced-query-api.md)
|
||||
- [Advanced Hunting using PowerShell](run-advanced-query-sample-powershell.md)
|
||||
- [Schedule Advanced Hunting](run-advanced-query-sample-ms-flow.md)
|
||||
|
||||
@ -25,7 +25,7 @@ Run advanced queries using PowerShell, see [Advanced Hunting API](run-advanced-q
|
||||
In this section we share PowerShell samples to retrieve a token and use it to run a query.
|
||||
|
||||
## Before you begin
|
||||
You first need to [create an app](exposed-apis-intro.md).
|
||||
You first need to [create an app](apis-intro.md).
|
||||
|
||||
## Preparation instructions
|
||||
|
||||
@ -113,7 +113,7 @@ $results | ConvertTo-Json | Set-Content file1.json
|
||||
|
||||
|
||||
## Related topic
|
||||
- [Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
- [Windows Defender ATP APIs](apis-intro.md)
|
||||
- [Advanced Hunting API](run-advanced-query-api.md)
|
||||
- [Advanced Hunting using Python](run-advanced-query-sample-python.md)
|
||||
- [Schedule Advanced Hunting](run-advanced-query-sample-ms-flow.md)
|
||||
|
||||
@ -23,7 +23,7 @@ Run advanced queries using Python, see [Advanced Hunting API](run-advanced-query
|
||||
|
||||
In this section we share Python samples to retrieve a token and use it to run a query.
|
||||
|
||||
>**Prerequisite**: You first need to [create an app](exposed-apis-intro.md).
|
||||
>**Prerequisite**: You first need to [create an app](apis-intro.md).
|
||||
|
||||
## Get token
|
||||
|
||||
@ -140,7 +140,7 @@ outputFile.close()
|
||||
|
||||
|
||||
## Related topic
|
||||
- [Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
- [Windows Defender ATP APIs](apis-intro.md)
|
||||
- [Advanced Hunting API](run-advanced-query-api.md)
|
||||
- [Advanced Hunting using PowerShell](run-advanced-query-sample-powershell.md)
|
||||
- [Schedule Advanced Hunting](run-advanced-query-sample-ms-flow.md)
|
||||
|
||||
@ -24,7 +24,7 @@ Initiate Windows Defender Antivirus scan on a machine.
|
||||
[!include[Machine actions note](machineactionsnote.md)]
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
|
||||
@ -24,7 +24,7 @@ Undo isolation of a machine.
|
||||
[!include[Machine actions note](machineactionsnote.md)]
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
|
||||
@ -24,7 +24,7 @@ Enable execution of any application on the machine.
|
||||
[!include[Machine actions note](machineactionsnote.md)]
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
|
||||
@ -23,7 +23,7 @@ ms.date: 12/08/2017
|
||||
Update the properties of an alert entity.
|
||||
|
||||
## Permissions
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)
|
||||
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
|
||||
|
||||
Permission type | Permission | Permission display name
|
||||
:---|:---|:---
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user