From 94d76a391c354eff889cdae1201667dd57e6d95e Mon Sep 17 00:00:00 2001 From: Zvi Avidor Date: Thu, 4 Oct 2018 16:13:54 +0300 Subject: [PATCH] Revert "Add machine actions link to all machine actions API" This reverts commit 1ed3b286d6751c7232bf578b7ecba1101f6da9eb. --- ...ge-windows-defender-advanced-threat-protection-new.md | 4 ++-- ...ne-windows-defender-advanced-threat-protection-new.md | 9 +++++---- .../windows-defender-atp/machineactionsnote.md | 5 ----- ...pi-windows-defender-advanced-threat-protection-new.md | 2 -- ...alerts-windows-defender-advanced-threat-protection.md | 4 ++-- ...on-windows-defender-advanced-threat-protection-new.md | 2 -- ...an-windows-defender-advanced-threat-protection-new.md | 2 -- ...on-windows-defender-advanced-threat-protection-new.md | 4 ++-- 8 files changed, 11 insertions(+), 21 deletions(-) delete mode 100644 windows/security/threat-protection/windows-defender-atp/machineactionsnote.md diff --git a/windows/security/threat-protection/windows-defender-atp/collect-investigation-package-windows-defender-advanced-threat-protection-new.md b/windows/security/threat-protection/windows-defender-atp/collect-investigation-package-windows-defender-advanced-threat-protection-new.md index adb088ebb4..0070c9376a 100644 --- a/windows/security/threat-protection/windows-defender-atp/collect-investigation-package-windows-defender-advanced-threat-protection-new.md +++ b/windows/security/threat-protection/windows-defender-atp/collect-investigation-package-windows-defender-advanced-threat-protection-new.md @@ -19,9 +19,9 @@ ms.date: 12/08/2017 [!include[Prerelease information](prerelease.md)] -Collect investigation package from a machine. -[!include[Machine actions note](machineactionsnote.md)] + +Collect investigation package from a machine. ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md) diff --git a/windows/security/threat-protection/windows-defender-atp/isolate-machine-windows-defender-advanced-threat-protection-new.md b/windows/security/threat-protection/windows-defender-atp/isolate-machine-windows-defender-advanced-threat-protection-new.md index 33e7130f36..4123a2d5c8 100644 --- a/windows/security/threat-protection/windows-defender-atp/isolate-machine-windows-defender-advanced-threat-protection-new.md +++ b/windows/security/threat-protection/windows-defender-atp/isolate-machine-windows-defender-advanced-threat-protection-new.md @@ -21,7 +21,8 @@ ms.date: 12/08/2017 Isolates a machine from accessing external network. -[!include[Machine actions note](machineactionsnote.md)] +>[!Note] +> This page focus on activating machine action via API. See [take response actions on a machine](respond-machine-alerts-windows-defender-advanced-threat-protection.md) for more information about response actions functionality via WDATP. ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md) @@ -33,8 +34,8 @@ Delegated (work or school account) | Machine.Isolate | 'Isolate machine' >[!Note] > When obtaining a token using user credentials: ->- The user needs to have at least the following role permission: 'Active remediation actions' (See [Create and manage roles](user-roles-windows-defender-advanced-threat-protection.md) for more information) ->- The user needs to have access to the machine, based on machine group settings (See [Create and manage machine groups](machine-groups-windows-defender-advanced-threat-protection.md) for more information) +>- The user need to have at least the following role permission: 'Active remediation actions' (See [Create and manage roles](user-roles-windows-defender-advanced-threat-protection.md) for more information) +>- The user need to have access to the machine, based on machine group settings (See [Create and manage machine groups](machine-groups-windows-defender-advanced-threat-protection.md) for more information) ## HTTP request @@ -59,7 +60,7 @@ IsolationType | String | Type of the isolation. Allowed values are: 'Full' or 'S **IsolationType** controls the type of isolation to perform and can be one of the following: - Full – Full isolation -- Selective – Restrict only limited set of applications from accessing the network (see [Isolate machines from the network](respond-machine-alerts-windows-defender-advanced-threat-protection.md#isolate-machines-from-the-network) for more details) +- Selective – Restrict only limited set of applications from accessing the network ## Response diff --git a/windows/security/threat-protection/windows-defender-atp/machineactionsnote.md b/windows/security/threat-protection/windows-defender-atp/machineactionsnote.md deleted file mode 100644 index ecc1cebee3..0000000000 --- a/windows/security/threat-protection/windows-defender-atp/machineactionsnote.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -ms.date: 08/28/2017 ---- ->[!Note] -> This page focuses on performing a machine action via API. See [take response actions on a machine](respond-machine-alerts-windows-defender-advanced-threat-protection.md) for more information about response actions functionality via WDATP. diff --git a/windows/security/threat-protection/windows-defender-atp/offboard-machine-api-windows-defender-advanced-threat-protection-new.md b/windows/security/threat-protection/windows-defender-atp/offboard-machine-api-windows-defender-advanced-threat-protection-new.md index c766797e14..b40d39cbc3 100644 --- a/windows/security/threat-protection/windows-defender-atp/offboard-machine-api-windows-defender-advanced-threat-protection-new.md +++ b/windows/security/threat-protection/windows-defender-atp/offboard-machine-api-windows-defender-advanced-threat-protection-new.md @@ -21,8 +21,6 @@ ms.date: 12/08/2017 Offboard machine from WDATP. -[!include[Machine actions note](machineactionsnote.md)] - ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md) diff --git a/windows/security/threat-protection/windows-defender-atp/respond-machine-alerts-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/respond-machine-alerts-windows-defender-advanced-threat-protection.md index 132ae5943b..064fb37360 100644 --- a/windows/security/threat-protection/windows-defender-atp/respond-machine-alerts-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/respond-machine-alerts-windows-defender-advanced-threat-protection.md @@ -181,7 +181,7 @@ Depending on the severity of the attack and the sensitivity of the machine, you This machine isolation feature disconnects the compromised machine from the network while retaining connectivity to the Windows Defender ATP service, which continues to monitor the machine. -On Windows 10, version 1709 or later, you'll have additional control over the network isolation level. You can also choose to enable Outlook and Skype for Business connectivity (a.k.a 'Selective Isolation'). +On Windows 10, version 1709 or later, you'll have additional control over the network isolation level. You can also choose to enable Outlook and Skype for Business connectivity. >[!NOTE] >You’ll be able to reconnect the machine back to the network at any time. @@ -197,7 +197,7 @@ On Windows 10, version 1709 or later, you'll have additional control over the ne ![Image of isolate machine](images/atp-actions-isolate-machine.png) -3. Select the check-box if you'd like to enable Outlook and Skype communication while the machine is isolated (a.k.a. 'Selective Isolation'). +3. Select the check-box if you'd like to enable Outlook and Skype communication while the machine is isolated. ![Image of isolation confirmation](images/atp-confirm-isolate.png) diff --git a/windows/security/threat-protection/windows-defender-atp/restrict-code-execution-windows-defender-advanced-threat-protection-new.md b/windows/security/threat-protection/windows-defender-atp/restrict-code-execution-windows-defender-advanced-threat-protection-new.md index 2f72e196ee..962dad7581 100644 --- a/windows/security/threat-protection/windows-defender-atp/restrict-code-execution-windows-defender-advanced-threat-protection-new.md +++ b/windows/security/threat-protection/windows-defender-atp/restrict-code-execution-windows-defender-advanced-threat-protection-new.md @@ -21,8 +21,6 @@ ms.date: 12/08/2017 Restrict execution of all applications on the machine except a predefined set (see [Response machine alerts](respond-machine-alerts-windows-defender-advanced-threat-protection.md) for more information) -[!include[Machine actions note](machineactionsnote.md)] - ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md) diff --git a/windows/security/threat-protection/windows-defender-atp/run-av-scan-windows-defender-advanced-threat-protection-new.md b/windows/security/threat-protection/windows-defender-atp/run-av-scan-windows-defender-advanced-threat-protection-new.md index 10db12f264..85c37a2cc6 100644 --- a/windows/security/threat-protection/windows-defender-atp/run-av-scan-windows-defender-advanced-threat-protection-new.md +++ b/windows/security/threat-protection/windows-defender-atp/run-av-scan-windows-defender-advanced-threat-protection-new.md @@ -21,8 +21,6 @@ ms.date: 12/08/2017 Initiate Windows Defender Antivirus scan on a machine. -[!include[Machine actions note](machineactionsnote.md)] - ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md) diff --git a/windows/security/threat-protection/windows-defender-atp/unrestrict-code-execution-windows-defender-advanced-threat-protection-new.md b/windows/security/threat-protection/windows-defender-atp/unrestrict-code-execution-windows-defender-advanced-threat-protection-new.md index b449ad9983..4deeaa4646 100644 --- a/windows/security/threat-protection/windows-defender-atp/unrestrict-code-execution-windows-defender-advanced-threat-protection-new.md +++ b/windows/security/threat-protection/windows-defender-atp/unrestrict-code-execution-windows-defender-advanced-threat-protection-new.md @@ -19,9 +19,9 @@ ms.date: 12/08/2017 [!include[Prerelease information](prerelease.md)] -Enable execution of any application on the machine. -[!include[Machine actions note](machineactionsnote.md)] + +Enable execution of any application on the machine. ## Permissions One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](exposed-apis-intro.md)