deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-16 23:37:22 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge pull request #3502 from MicrosoftDocs/macky-nixclean04

Browse Source 
Cleaned up code boxes of $s
This commit is contained in:
Kelly Baker 2020-08-12 09:00:44 -07:00 committed by GitHub
commit 7eafd9a1e9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 14 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md
View File

@ -64,7 +64,7 @@ For more information on how to configure exclusions from Puppet, Ansible, or ano
Run the following command to see the available switches for managing exclusions:
```bash
$ mdatp exclusion
mdatp exclusion
```
Examples:
@ -72,28 +72,36 @@ Examples:
- Add an exclusion for a file extension:
```bash
$ mdatp exclusion extension add --name .txt
mdatp exclusion extension add --name .txt
```
```Output
Extension exclusion configured successfully
```
- Add an exclusion for a file:
```bash
$ mdatp exclusion file add --path /var/log/dummy.log
mdatp exclusion file add --path /var/log/dummy.log
```
```Output
File exclusion configured successfully
```
- Add an exclusion for a folder:
```bash
$ mdatp exclusion folder add --path /var/log/
mdatp exclusion folder add --path /var/log/
```
```Output
Folder exclusion configured successfully
```
- Add an exclusion for a process:
```bash
$ mdatp exclusion process add --name cat
mdatp exclusion process add --name cat
```
```Output
Process exclusion configured successfully
```
@ -104,7 +112,7 @@ You can validate that your exclusion lists are working by using `curl` to downlo
In the following Bash snippet, replace `test.txt` with a file that conforms to your exclusion rules. For example, if you have excluded the `.testing` extension, replace `test.txt` with `test.testing`. If you are testing a path, ensure that you run the command within that path.
```bash
$ curl -o test.txt https://www.eicar.org/download/eicar.com.txt
curl -o test.txt https://www.eicar.org/download/eicar.com.txt
```
If Microsoft Defender ATP for Linux reports malware, then the rule is not working. If there is no report of malware, and the downloaded file exists, then the exclusion is working. You can open the file to confirm that the contents are the same as what is described on the [EICAR test file website](http://2016.eicar.org/86-0-Intended-use.html).