deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-14 06:17:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Update network-protection-exploit-guard.md

Browse Source 
Exploit guard evaluation package is no longer supported, We have made changes to the document and it only contains steps for manual import.
This commit is contained in:
Sriraman M S 2019-03-23 11:46:43 +05:30 committed by GitHub
parent 3127c0947a
commit 799d91961c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
windows/security/threat-protection/windows-defender-exploit-guard/network-protection-exploit-guard.md
View File

@ -53,17 +53,11 @@ You can query Windows Defender ATP data by using [Advanced hunting](https://docs
You can review the Windows event log to see events that are created when network protection blocks (or audits) access to a malicious IP or domain:
1. Download the [Exploit Guard Evaluation Package](https://aka.ms/mp7z2w) and extract the file *np-events.xml* to an easily accessible location on the machine.
1. [Copy the XML directly](event-views-exploit-guard.md).
1. Type **Event viewer** in the Start menu to open the Windows Event Viewer.
2. Click **OK**.
2. On the left panel, under **Actions**, click **Import custom view...**
3. Navigate to the Exploit Guard Evaluation Package, and select the file *np-events.xml*. Alternatively, [copy the XML directly](event-views-exploit-guard.md).
4. Click **OK**.
5. This will create a custom view that filters to only show the following events related to network protection:
3. This will create a custom view that filters to only show the following events related to network protection:
Event ID | Description
-|-