mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-06-16 02:43:43 +00:00
move mgt and api topics to overview
This commit is contained in:
Joey Caparas
@ -13,11 +13,131 @@
|
||||
##### [Network firewall](windows-firewall/windows-firewall-with-advanced-security.md)
|
||||
#### [Next generation protection](windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md)
|
||||
#### [Endpoint detection and response](windows-defender-atp/overview-endpoint-detection-response.md)
|
||||
#####Alerts queue
|
||||
###### [View and organize the Alerts queue](windows-defender-atp/alerts-queue-windows-defender-advanced-threat-protection.md)
|
||||
###### [Manage alerts](windows-defender-atp/manage-alerts-windows-defender-advanced-threat-protection.md)
|
||||
###### [Investigate alerts](windows-defender-atp/investigate-alerts-windows-defender-advanced-threat-protection.md)
|
||||
###### [Investigate files](windows-defender-atp/investigate-files-windows-defender-advanced-threat-protection.md)
|
||||
###### [Investigate machines](windows-defender-atp/investigate-machines-windows-defender-advanced-threat-protection.md)
|
||||
###### [Investigate an IP address](windows-defender-atp/investigate-ip-windows-defender-advanced-threat-protection.md)
|
||||
###### [Investigate a domain](windows-defender-atp/investigate-domain-windows-defender-advanced-threat-protection.md)
|
||||
###### [Investigate a user account](windows-defender-atp/investigate-user-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
#####Machines list
|
||||
###### [View and organize the Machines list](windows-defender-atp/machines-view-overview-windows-defender-advanced-threat-protection.md)
|
||||
###### [Manage machine group and tags](windows-defender-atp/investigate-machines-windows-defender-advanced-threat-protection.md#manage-machine-group-and-tags)
|
||||
###### [Alerts related to this machine](windows-defender-atp/investigate-machines-windows-defender-advanced-threat-protection.md#alerts-related-to-this-machine)
|
||||
###### [Machine timeline](windows-defender-atp/investigate-machines-windows-defender-advanced-threat-protection.md#machine-timeline)
|
||||
####### [Search for specific events](windows-defender-atp/investigate-machines-windows-defender-advanced-threat-protection.md#search-for-specific-events)
|
||||
####### [Filter events from a specific date](windows-defender-atp/investigate-machines-windows-defender-advanced-threat-protection.md#filter-events-from-a-specific-date)
|
||||
####### [Export machine timeline events](windows-defender-atp/investigate-machines-windows-defender-advanced-threat-protection.md#export-machine-timeline-events)
|
||||
####### [Navigate between pages](windows-defender-atp/investigate-machines-windows-defender-advanced-threat-protection.md#navigate-between-pages)
|
||||
|
||||
|
||||
##### [Take response actions](windows-defender-atp/response-actions-windows-defender-advanced-threat-protection.md)
|
||||
###### [Take response actions on a machine](windows-defender-atp/respond-machine-alerts-windows-defender-advanced-threat-protection.md)
|
||||
####### [Collect investigation package](windows-defender-atp/respond-machine-alerts-windows-defender-advanced-threat-protection.md#collect-investigation-package-from-machines)
|
||||
####### [Run antivirus scan](windows-defender-atp/respond-machine-alerts-windows-defender-advanced-threat-protection.md#run-windows-defender-antivirus-scan-on-machines)
|
||||
####### [Restrict app execution](windows-defender-atp/respond-machine-alerts-windows-defender-advanced-threat-protection.md#restrict-app-execution)
|
||||
####### [Remove app restriction](windows-defender-atp/respond-machine-alerts-windows-defender-advanced-threat-protection.md#remove-app-restriction)
|
||||
####### [Isolate machines from the network](windows-defender-atp/respond-machine-alerts-windows-defender-advanced-threat-protection.md#isolate-machines-from-the-network)
|
||||
####### [Release machine from isolation](windows-defender-atp/respond-machine-alerts-windows-defender-advanced-threat-protection.md#release-machine-from-isolation)
|
||||
####### [Check activity details in Action center](windows-defender-atp/respond-machine-alerts-windows-defender-advanced-threat-protection.md#check-activity-details-in-action-center)
|
||||
|
||||
###### [Take response actions on a file](windows-defender-atp/respond-file-alerts-windows-defender-advanced-threat-protection.md)
|
||||
####### [Stop and quarantine files in your network](windows-defender-atp/respond-file-alerts-windows-defender-advanced-threat-protection.md#stop-and-quarantine-files-in-your-network)
|
||||
####### [Remove file from quarantine](windows-defender-atp/respond-file-alerts-windows-defender-advanced-threat-protection.md#remove-file-from-quarantine)
|
||||
####### [Block files in your network](windows-defender-atp/respond-file-alerts-windows-defender-advanced-threat-protection.md#block-files-in-your-network)
|
||||
####### [Remove file from blocked list](windows-defender-atp/respond-file-alerts-windows-defender-advanced-threat-protection.md#remove-file-from-blocked-list)
|
||||
####### [Check activity details in Action center](windows-defender-atp/respond-file-alerts-windows-defender-advanced-threat-protection.md#check-activity-details-in-action-center)
|
||||
####### [Deep analysis](windows-defender-atp/respond-file-alerts-windows-defender-advanced-threat-protection.md#deep-analysis)
|
||||
####### [Submit files for analysis](windows-defender-atp/respond-file-alerts-windows-defender-advanced-threat-protection.md#submit-files-for-analysis)
|
||||
####### [View deep analysis reports](windows-defender-atp/respond-file-alerts-windows-defender-advanced-threat-protection.md#view-deep-analysis-reports)
|
||||
####### [Troubleshoot deep analysis](windows-defender-atp/respond-file-alerts-windows-defender-advanced-threat-protection.md#troubleshoot-deep-analysis)
|
||||
|
||||
##### [Query data using Advanced hunting](windows-defender-atp/advanced-hunting-windows-defender-advanced-threat-protection.md)
|
||||
###### [Advanced hunting reference](windows-defender-atp/advanced-hunting-reference-windows-defender-advanced-threat-protection.md)
|
||||
###### [Advanced hunting query language best practices](windows-defender-atp/advanced-hunting-best-practices-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
##### [Security operations dashboard](windows-defender-atp/security-operations-dashboard-windows-defender-advanced-threat-protection.md)
|
||||
#### [Auto investigation and remediation](windows-defender-atp/automated-investigations-windows-defender-advanced-threat-protection.md)
|
||||
#### [Secure score](windows-defender-atp/overview-secure-score-windows-defender-advanced-threat-protection.md)
|
||||
##### [Threat analytics dashboard](windows-defender-atp/threat-analytics-dashboard-windows-defender-advanced-threat-protection.md)
|
||||
#### [Advanced hunting](windows-defender-atp/overview-hunting-windows-defender-advanced-threat-protection.md)
|
||||
#### [Management and APIs](windows-defender-atp/management-apis.md)
|
||||
###### [Supported Windows Defender ATP APIs](windows-defender-atp/supported-apis-windows-defender-advanced-threat-protection.md)
|
||||
#######Actor
|
||||
######## [Get actor information](windows-defender-atp/get-actor-information-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get actor related alerts](windows-defender-atp/get-actor-related-alerts-windows-defender-advanced-threat-protection.md)
|
||||
#######Alerts
|
||||
######## [Get alerts](windows-defender-atp/get-alerts-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get alert information by ID](windows-defender-atp/get-alert-info-by-id-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get alert related actor information](windows-defender-atp/get-alert-related-actor-info-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get alert related domain information](windows-defender-atp/get-alert-related-domain-info-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get alert related file information](windows-defender-atp/get-alert-related-files-info-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get alert related IP information](windows-defender-atp/get-alert-related-ip-info-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get alert related machine information](windows-defender-atp/get-alert-related-machine-info-windows-defender-advanced-threat-protection.md)
|
||||
########Domain
|
||||
######### [Get domain related alerts](windows-defender-atp/get-domain-related-alerts-windows-defender-advanced-threat-protection.md)
|
||||
######### [Get domain related machines](windows-defender-atp/get-domain-related-machines-windows-defender-advanced-threat-protection.md)
|
||||
######### [Get domain statistics](windows-defender-atp/get-domain-statistics-windows-defender-advanced-threat-protection.md)
|
||||
######### [Is domain seen in organization](windows-defender-atp/is-domain-seen-in-org-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
#######File
|
||||
######## [Block file API](windows-defender-atp/block-file-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get file information](windows-defender-atp/get-file-information-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get file related alerts](windows-defender-atp/get-file-related-alerts-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get file related machines](windows-defender-atp/get-file-related-machines-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get file statistics](windows-defender-atp/get-file-statistics-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get FileActions collection API](windows-defender-atp/get-fileactions-collection-windows-defender-advanced-threat-protection.md)
|
||||
######## [Unblock file API](windows-defender-atp/unblock-file-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
#######IP
|
||||
######## [Get IP related alerts](windows-defender-atp/get-ip-related-alerts-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get IP related machines](windows-defender-atp/get-ip-related-machines-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get IP statistics](windows-defender-atp/get-ip-statistics-windows-defender-advanced-threat-protection.md)
|
||||
######## [Is IP seen in organization](windows-defender-atp/is-ip-seen-org-windows-defender-advanced-threat-protection.md)
|
||||
#######Machines
|
||||
######## [Collect investigation package API](windows-defender-atp/collect-investigation-package-windows-defender-advanced-threat-protection.md)
|
||||
######## [Find machine information by IP](windows-defender-atp/find-machine-info-by-ip-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get machines](windows-defender-atp/get-machines-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get FileMachineAction object API](windows-defender-atp/get-filemachineaction-object-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get FileMachineActions collection API](windows-defender-atp/get-filemachineactions-collection-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get machine by ID](windows-defender-atp/get-machine-by-id-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get machine log on users](windows-defender-atp/get-machine-log-on-users-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get machine related alerts](windows-defender-atp/get-machine-related-alerts-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get MachineAction object API](windows-defender-atp/get-machineaction-object-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get MachineActions collection API](windows-defender-atp/get-machineactions-collection-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get machines](windows-defender-atp/get-machines-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get package SAS URI API](windows-defender-atp/get-package-sas-uri-windows-defender-advanced-threat-protection.md)
|
||||
######## [Isolate machine API](windows-defender-atp/isolate-machine-windows-defender-advanced-threat-protection.md)
|
||||
######## [Release machine from isolation API](windows-defender-atp/unisolate-machine-windows-defender-advanced-threat-protection.md)
|
||||
######## [Remove app restriction API](windows-defender-atp/unrestrict-code-execution-windows-defender-advanced-threat-protection.md)
|
||||
######## [Request sample API](windows-defender-atp/request-sample-windows-defender-advanced-threat-protection.md)
|
||||
######## [Restrict app execution API](windows-defender-atp/restrict-code-execution-windows-defender-advanced-threat-protection.md)
|
||||
######## [Run antivirus scan API](windows-defender-atp/run-av-scan-windows-defender-advanced-threat-protection.md)
|
||||
######## [Stop and quarantine file API](windows-defender-atp/stop-quarantine-file-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
|
||||
|
||||
#######User
|
||||
######## [Get alert related user information](windows-defender-atp/get-alert-related-user-info-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get user information](windows-defender-atp/get-user-information-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get user related alerts](windows-defender-atp/get-user-related-alerts-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get user related machines](windows-defender-atp/get-user-related-machines-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
#### [Microsoft threat protection](windows-defender-atp/threat-protection-integration.md)
|
||||
##### [Protect users, data, and devices with conditional access](windows-defender-atp/conditional-access-windows-defender-advanced-threat-protection.md)
|
||||
#### [Portal overview](windows-defender-atp/portal-overview-windows-defender-advanced-threat-protection.md)
|
||||
@ -139,59 +259,15 @@
|
||||
###### [Use the mpcmdrun.exe command line tool to manage next generation protection](windows-defender-antivirus/command-line-arguments-windows-defender-antivirus.md)
|
||||
|
||||
|
||||
#### [Manage endpoint detection and response capabilities](windows-defender-atp/manage-edr.md)
|
||||
#####Alerts queue
|
||||
###### [View and organize the Alerts queue](windows-defender-atp/alerts-queue-windows-defender-advanced-threat-protection.md)
|
||||
###### [Manage alerts](windows-defender-atp/manage-alerts-windows-defender-advanced-threat-protection.md)
|
||||
###### [Investigate alerts](windows-defender-atp/investigate-alerts-windows-defender-advanced-threat-protection.md)
|
||||
###### [Investigate files](windows-defender-atp/investigate-files-windows-defender-advanced-threat-protection.md)
|
||||
###### [Investigate machines](windows-defender-atp/investigate-machines-windows-defender-advanced-threat-protection.md)
|
||||
###### [Investigate an IP address](windows-defender-atp/investigate-ip-windows-defender-advanced-threat-protection.md)
|
||||
###### [Investigate a domain](windows-defender-atp/investigate-domain-windows-defender-advanced-threat-protection.md)
|
||||
###### [Investigate a user account](windows-defender-atp/investigate-user-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
#####Machines list
|
||||
###### [View and organize the Machines list](windows-defender-atp/machines-view-overview-windows-defender-advanced-threat-protection.md)
|
||||
###### [Manage machine group and tags](windows-defender-atp/investigate-machines-windows-defender-advanced-threat-protection.md#manage-machine-group-and-tags)
|
||||
###### [Alerts related to this machine](windows-defender-atp/investigate-machines-windows-defender-advanced-threat-protection.md#alerts-related-to-this-machine)
|
||||
###### [Machine timeline](windows-defender-atp/investigate-machines-windows-defender-advanced-threat-protection.md#machine-timeline)
|
||||
####### [Search for specific events](windows-defender-atp/investigate-machines-windows-defender-advanced-threat-protection.md#search-for-specific-events)
|
||||
####### [Filter events from a specific date](windows-defender-atp/investigate-machines-windows-defender-advanced-threat-protection.md#filter-events-from-a-specific-date)
|
||||
####### [Export machine timeline events](windows-defender-atp/investigate-machines-windows-defender-advanced-threat-protection.md#export-machine-timeline-events)
|
||||
####### [Navigate between pages](windows-defender-atp/investigate-machines-windows-defender-advanced-threat-protection.md#navigate-between-pages)
|
||||
|
||||
|
||||
##### [Take response actions](windows-defender-atp/response-actions-windows-defender-advanced-threat-protection.md)
|
||||
###### [Take response actions on a machine](windows-defender-atp/respond-machine-alerts-windows-defender-advanced-threat-protection.md)
|
||||
####### [Collect investigation package](windows-defender-atp/respond-machine-alerts-windows-defender-advanced-threat-protection.md#collect-investigation-package-from-machines)
|
||||
####### [Run antivirus scan](windows-defender-atp/respond-machine-alerts-windows-defender-advanced-threat-protection.md#run-windows-defender-antivirus-scan-on-machines)
|
||||
####### [Restrict app execution](windows-defender-atp/respond-machine-alerts-windows-defender-advanced-threat-protection.md#restrict-app-execution)
|
||||
####### [Remove app restriction](windows-defender-atp/respond-machine-alerts-windows-defender-advanced-threat-protection.md#remove-app-restriction)
|
||||
####### [Isolate machines from the network](windows-defender-atp/respond-machine-alerts-windows-defender-advanced-threat-protection.md#isolate-machines-from-the-network)
|
||||
####### [Release machine from isolation](windows-defender-atp/respond-machine-alerts-windows-defender-advanced-threat-protection.md#release-machine-from-isolation)
|
||||
####### [Check activity details in Action center](windows-defender-atp/respond-machine-alerts-windows-defender-advanced-threat-protection.md#check-activity-details-in-action-center)
|
||||
|
||||
###### [Take response actions on a file](windows-defender-atp/respond-file-alerts-windows-defender-advanced-threat-protection.md)
|
||||
####### [Stop and quarantine files in your network](windows-defender-atp/respond-file-alerts-windows-defender-advanced-threat-protection.md#stop-and-quarantine-files-in-your-network)
|
||||
####### [Remove file from quarantine](windows-defender-atp/respond-file-alerts-windows-defender-advanced-threat-protection.md#remove-file-from-quarantine)
|
||||
####### [Block files in your network](windows-defender-atp/respond-file-alerts-windows-defender-advanced-threat-protection.md#block-files-in-your-network)
|
||||
####### [Remove file from blocked list](windows-defender-atp/respond-file-alerts-windows-defender-advanced-threat-protection.md#remove-file-from-blocked-list)
|
||||
####### [Check activity details in Action center](windows-defender-atp/respond-file-alerts-windows-defender-advanced-threat-protection.md#check-activity-details-in-action-center)
|
||||
####### [Deep analysis](windows-defender-atp/respond-file-alerts-windows-defender-advanced-threat-protection.md#deep-analysis)
|
||||
####### [Submit files for analysis](windows-defender-atp/respond-file-alerts-windows-defender-advanced-threat-protection.md#submit-files-for-analysis)
|
||||
####### [View deep analysis reports](windows-defender-atp/respond-file-alerts-windows-defender-advanced-threat-protection.md#view-deep-analysis-reports)
|
||||
####### [Troubleshoot deep analysis](windows-defender-atp/respond-file-alerts-windows-defender-advanced-threat-protection.md#troubleshoot-deep-analysis)
|
||||
|
||||
##### [Query data using Advanced hunting](windows-defender-atp/advanced-hunting-windows-defender-advanced-threat-protection.md)
|
||||
###### [Advanced hunting reference](windows-defender-atp/advanced-hunting-reference-windows-defender-advanced-threat-protection.md)
|
||||
###### [Advanced hunting query language best practices](windows-defender-atp/advanced-hunting-best-practices-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
|
||||
#### [Manage auto investigation and remediation](windows-defender-atp/manage-auto-investigation-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
#### [Configure Security score dashboard security controls](windows-defender-atp/secure-score-dashboard-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
#### [Management and APIs](windows-defender-atp/management-apis.md)
|
||||
|
||||
##### [Pull alerts to your SIEM tools](windows-defender-atp/configure-siem-windows-defender-advanced-threat-protection.md)
|
||||
###### [Enable SIEM integration](windows-defender-atp/enable-siem-integration-windows-defender-advanced-threat-protection.md)
|
||||
###### [Configure Splunk to pull alerts](windows-defender-atp/configure-splunk-windows-defender-advanced-threat-protection.md)
|
||||
@ -200,69 +276,8 @@
|
||||
###### [Pull alerts using REST API](windows-defender-atp/pull-alerts-using-rest-api-windows-defender-advanced-threat-protection.md)
|
||||
###### [Troubleshoot SIEM tool integration issues](windows-defender-atp/troubleshoot-siem-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
##### [Use the Windows Defender ATP exposed APIs](windows-defender-atp/exposed-apis-windows-defender-advanced-threat-protection.md)
|
||||
###### [Supported Windows Defender ATP APIs](windows-defender-atp/supported-apis-windows-defender-advanced-threat-protection.md)
|
||||
#######Actor
|
||||
######## [Get actor information](windows-defender-atp/get-actor-information-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get actor related alerts](windows-defender-atp/get-actor-related-alerts-windows-defender-advanced-threat-protection.md)
|
||||
#######Alerts
|
||||
######## [Get alerts](windows-defender-atp/get-alerts-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get alert information by ID](windows-defender-atp/get-alert-info-by-id-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get alert related actor information](windows-defender-atp/get-alert-related-actor-info-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get alert related domain information](windows-defender-atp/get-alert-related-domain-info-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get alert related file information](windows-defender-atp/get-alert-related-files-info-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get alert related IP information](windows-defender-atp/get-alert-related-ip-info-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get alert related machine information](windows-defender-atp/get-alert-related-machine-info-windows-defender-advanced-threat-protection.md)
|
||||
########Domain
|
||||
######### [Get domain related alerts](windows-defender-atp/get-domain-related-alerts-windows-defender-advanced-threat-protection.md)
|
||||
######### [Get domain related machines](windows-defender-atp/get-domain-related-machines-windows-defender-advanced-threat-protection.md)
|
||||
######### [Get domain statistics](windows-defender-atp/get-domain-statistics-windows-defender-advanced-threat-protection.md)
|
||||
######### [Is domain seen in organization](windows-defender-atp/is-domain-seen-in-org-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
#######File
|
||||
######## [Block file API](windows-defender-atp/block-file-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get file information](windows-defender-atp/get-file-information-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get file related alerts](windows-defender-atp/get-file-related-alerts-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get file related machines](windows-defender-atp/get-file-related-machines-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get file statistics](windows-defender-atp/get-file-statistics-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get FileActions collection API](windows-defender-atp/get-fileactions-collection-windows-defender-advanced-threat-protection.md)
|
||||
######## [Unblock file API](windows-defender-atp/unblock-file-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
#######IP
|
||||
######## [Get IP related alerts](windows-defender-atp/get-ip-related-alerts-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get IP related machines](windows-defender-atp/get-ip-related-machines-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get IP statistics](windows-defender-atp/get-ip-statistics-windows-defender-advanced-threat-protection.md)
|
||||
######## [Is IP seen in organization](windows-defender-atp/is-ip-seen-org-windows-defender-advanced-threat-protection.md)
|
||||
#######Machines
|
||||
######## [Collect investigation package API](windows-defender-atp/collect-investigation-package-windows-defender-advanced-threat-protection.md)
|
||||
######## [Find machine information by IP](windows-defender-atp/find-machine-info-by-ip-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get machines](windows-defender-atp/get-machines-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get FileMachineAction object API](windows-defender-atp/get-filemachineaction-object-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get FileMachineActions collection API](windows-defender-atp/get-filemachineactions-collection-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get machine by ID](windows-defender-atp/get-machine-by-id-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get machine log on users](windows-defender-atp/get-machine-log-on-users-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get machine related alerts](windows-defender-atp/get-machine-related-alerts-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get MachineAction object API](windows-defender-atp/get-machineaction-object-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get MachineActions collection API](windows-defender-atp/get-machineactions-collection-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get machines](windows-defender-atp/get-machines-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get package SAS URI API](windows-defender-atp/get-package-sas-uri-windows-defender-advanced-threat-protection.md)
|
||||
######## [Isolate machine API](windows-defender-atp/isolate-machine-windows-defender-advanced-threat-protection.md)
|
||||
######## [Release machine from isolation API](windows-defender-atp/unisolate-machine-windows-defender-advanced-threat-protection.md)
|
||||
######## [Remove app restriction API](windows-defender-atp/unrestrict-code-execution-windows-defender-advanced-threat-protection.md)
|
||||
######## [Request sample API](windows-defender-atp/request-sample-windows-defender-advanced-threat-protection.md)
|
||||
######## [Restrict app execution API](windows-defender-atp/restrict-code-execution-windows-defender-advanced-threat-protection.md)
|
||||
######## [Run antivirus scan API](windows-defender-atp/run-av-scan-windows-defender-advanced-threat-protection.md)
|
||||
######## [Stop and quarantine file API](windows-defender-atp/stop-quarantine-file-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
|
||||
|
||||
#######User
|
||||
######## [Get alert related user information](windows-defender-atp/get-alert-related-user-info-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get user information](windows-defender-atp/get-user-information-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get user related alerts](windows-defender-atp/get-user-related-alerts-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get user related machines](windows-defender-atp/get-user-related-machines-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
##### [Use the threat intelligence API to create custom alerts](windows-defender-atp/use-custom-ti-windows-defender-advanced-threat-protection.md)
|
||||
@ -309,14 +324,12 @@
|
||||
|
||||
|
||||
### [Troubleshoot Windows Defender ATP](windows-defender-atp/troubleshoot-wdatp.md)
|
||||
#### [Review AV/NEXT GEN event logs and error codes to troubleshoot issues - Amitai, etc](windows-defender-antivirus/troubleshoot-windows-defender-antivirus.md)
|
||||
|
||||
####Troubleshoot sensor state
|
||||
##### [Check sensor state](windows-defender-atp/check-sensor-status-windows-defender-advanced-threat-protection.md)
|
||||
##### [Fix unhealthy sensors](windows-defender-atp/fix-unhealhty-sensors-windows-defender-advanced-threat-protection.md)
|
||||
##### [Inactive machines](windows-defender-atp/fix-unhealhty-sensors-windows-defender-advanced-threat-protection.md#inactive-machines)
|
||||
##### [Misconfigured machines](windows-defender-atp/fix-unhealhty-sensors-windows-defender-advanced-threat-protection.md#misconfigured-machines)
|
||||
##### [Review events and errors on machines with Event Viewer](windows-defender-atp/event-error-codes-windows-defender-advanced-threat-protection.md)
|
||||
##### [Review sensor events and errors on machines with Event Viewer](windows-defender-atp/event-error-codes-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
#### [Troubleshoot Windows Defender ATP service issues](windows-defender-atp/troubleshoot-windows-defender-advanced-threat-protection.md)
|
||||
##### [Check service health](windows-defender-atp/service-status-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
@ -56,14 +56,81 @@
|
||||
###### [View deep analysis reports](respond-file-alerts-windows-defender-advanced-threat-protection.md#view-deep-analysis-reports)
|
||||
###### [Troubleshoot deep analysis](respond-file-alerts-windows-defender-advanced-threat-protection.md#troubleshoot-deep-analysis)
|
||||
|
||||
|
||||
|
||||
|
||||
### [Auto investigation](automated-investigations-windows-defender-advanced-threat-protection.md)
|
||||
### [Secure score](overview-secure-score-windows-defender-advanced-threat-protection.md)
|
||||
#### [Threat analytics](threat-analytics-dashboard-windows-defender-advanced-threat-protection.md)
|
||||
### [Advanced hunting](overview-hunting-windows-defender-advanced-threat-protection.md)
|
||||
### [Management and APIs](management-apis.md)
|
||||
#### [Supported Windows Defender ATP APIs](supported-apis-windows-defender-advanced-threat-protection.md)
|
||||
#####Actor
|
||||
###### [Get actor information](get-actor-information-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get actor related alerts](get-actor-related-alerts-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
#####Alerts
|
||||
###### [Get alerts](get-alerts-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get alert information by ID](get-alert-info-by-id-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get alert related actor information](get-alert-related-actor-info-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get alert related domain information](get-alert-related-domain-info-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get alert related file information](get-alert-related-files-info-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get alert related IP information](get-alert-related-ip-info-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get alert related machine information](get-alert-related-machine-info-windows-defender-advanced-threat-protection.md)
|
||||
######Domain
|
||||
####### [Get domain related alerts](get-domain-related-alerts-windows-defender-advanced-threat-protection.md)
|
||||
####### [Get domain related machines](get-domain-related-machines-windows-defender-advanced-threat-protection.md)
|
||||
####### [Get domain statistics](get-domain-statistics-windows-defender-advanced-threat-protection.md)
|
||||
####### [Is domain seen in organization](is-domain-seen-in-org-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
#####File
|
||||
###### [Block file API](block-file-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get file information](get-file-information-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get file related alerts](get-file-related-alerts-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get file related machines](get-file-related-machines-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get file statistics](get-file-statistics-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get FileActions collection API](get-fileactions-collection-windows-defender-advanced-threat-protection.md)
|
||||
###### [Unblock file API](unblock-file-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
#####IP
|
||||
###### [Get IP related alerts](get-ip-related-alerts-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get IP related machines](get-ip-related-machines-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get IP statistics](get-ip-statistics-windows-defender-advanced-threat-protection.md)
|
||||
###### [Is IP seen in organization](is-ip-seen-org-windows-defender-advanced-threat-protection.md)
|
||||
#####Machines
|
||||
###### [Collect investigation package API](collect-investigation-package-windows-defender-advanced-threat-protection.md)
|
||||
###### [Find machine information by IP](find-machine-info-by-ip-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get machines](get-machines-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get FileMachineAction object API](get-filemachineaction-object-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get FileMachineActions collection API](get-filemachineactions-collection-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get machine by ID](get-machine-by-id-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get machine log on users](get-machine-log-on-users-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get machine related alerts](get-machine-related-alerts-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get MachineAction object API](get-machineaction-object-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get MachineActions collection API](get-machineactions-collection-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get machines](get-machines-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get package SAS URI API](get-package-sas-uri-windows-defender-advanced-threat-protection.md)
|
||||
###### [Isolate machine API](isolate-machine-windows-defender-advanced-threat-protection.md)
|
||||
###### [Release machine from isolation API](unisolate-machine-windows-defender-advanced-threat-protection.md)
|
||||
###### [Remove app restriction API](unrestrict-code-execution-windows-defender-advanced-threat-protection.md)
|
||||
###### [Request sample API](request-sample-windows-defender-advanced-threat-protection.md)
|
||||
###### [Restrict app execution API](restrict-code-execution-windows-defender-advanced-threat-protection.md)
|
||||
###### [Run antivirus scan API](run-av-scan-windows-defender-advanced-threat-protection.md)
|
||||
###### [Stop and quarantine file API](stop-quarantine-file-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
#####User
|
||||
###### [Get alert related user information](get-alert-related-user-info-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get user information](get-user-information-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get user related alerts](get-user-related-alerts-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get user related machines](get-user-related-machines-windows-defender-advanced-threat-protection.md)
|
||||
#### [Use the Windows Defender ATP exposed APIs](exposed-apis-windows-defender-advanced-threat-protection.md)
|
||||
#### [Use the threat intelligence API to create custom alerts](use-custom-ti-windows-defender-advanced-threat-protection.md)
|
||||
##### [Understand threat intelligence concepts](threat-indicator-concepts-windows-defender-advanced-threat-protection.md)
|
||||
##### [Create custom threat intelligence alerts](custom-ti-api-windows-defender-advanced-threat-protection.md)
|
||||
##### [PowerShell code examples](powershell-example-code-windows-defender-advanced-threat-protection.md)
|
||||
##### [Python code examples](python-example-code-windows-defender-advanced-threat-protection.md)
|
||||
##### [Experiment with custom threat intelligence alerts](experiment-custom-ti-windows-defender-advanced-threat-protection.md)
|
||||
##### [Troubleshoot custom threat intelligence issues](troubleshoot-custom-ti-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
|
||||
|
||||
### [Microsoft threat protection](threat-protection-integration.md)
|
||||
#### [Protect users, data, and devices with conditional access](conditional-access-windows-defender-advanced-threat-protection.md)
|
||||
### [Portal overview](portal-overview-windows-defender-advanced-threat-protection.md)
|
||||
@ -218,76 +285,8 @@
|
||||
##### [Pull alerts using REST API](pull-alerts-using-rest-api-windows-defender-advanced-threat-protection.md)
|
||||
##### [Troubleshoot SIEM tool integration issues](troubleshoot-siem-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
#### [Use the Windows Defender ATP exposed APIs](exposed-apis-windows-defender-advanced-threat-protection.md)
|
||||
##### [Supported Windows Defender ATP APIs](supported-apis-windows-defender-advanced-threat-protection.md)
|
||||
######Actor
|
||||
####### [Get actor information](get-actor-information-windows-defender-advanced-threat-protection.md)
|
||||
####### [Get actor related alerts](get-actor-related-alerts-windows-defender-advanced-threat-protection.md)
|
||||
######Alerts
|
||||
####### [Get alerts](get-alerts-windows-defender-advanced-threat-protection.md)
|
||||
####### [Get alert information by ID](get-alert-info-by-id-windows-defender-advanced-threat-protection.md)
|
||||
####### [Get alert related actor information](get-alert-related-actor-info-windows-defender-advanced-threat-protection.md)
|
||||
####### [Get alert related domain information](get-alert-related-domain-info-windows-defender-advanced-threat-protection.md)
|
||||
####### [Get alert related file information](get-alert-related-files-info-windows-defender-advanced-threat-protection.md)
|
||||
####### [Get alert related IP information](get-alert-related-ip-info-windows-defender-advanced-threat-protection.md)
|
||||
####### [Get alert related machine information](get-alert-related-machine-info-windows-defender-advanced-threat-protection.md)
|
||||
#######Domain
|
||||
######## [Get domain related alerts](get-domain-related-alerts-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get domain related machines](get-domain-related-machines-windows-defender-advanced-threat-protection.md)
|
||||
######## [Get domain statistics](get-domain-statistics-windows-defender-advanced-threat-protection.md)
|
||||
######## [Is domain seen in organization](is-domain-seen-in-org-windows-defender-advanced-threat-protection.md)
|
||||
#### [Enable the custom threat intelligence application](enable-custom-ti-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
######File
|
||||
####### [Block file API](block-file-windows-defender-advanced-threat-protection.md)
|
||||
####### [Get file information](get-file-information-windows-defender-advanced-threat-protection.md)
|
||||
####### [Get file related alerts](get-file-related-alerts-windows-defender-advanced-threat-protection.md)
|
||||
####### [Get file related machines](get-file-related-machines-windows-defender-advanced-threat-protection.md)
|
||||
####### [Get file statistics](get-file-statistics-windows-defender-advanced-threat-protection.md)
|
||||
####### [Get FileActions collection API](get-fileactions-collection-windows-defender-advanced-threat-protection.md)
|
||||
####### [Unblock file API](unblock-file-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
######IP
|
||||
####### [Get IP related alerts](get-ip-related-alerts-windows-defender-advanced-threat-protection.md)
|
||||
####### [Get IP related machines](get-ip-related-machines-windows-defender-advanced-threat-protection.md)
|
||||
####### [Get IP statistics](get-ip-statistics-windows-defender-advanced-threat-protection.md)
|
||||
####### [Is IP seen in organization](is-ip-seen-org-windows-defender-advanced-threat-protection.md)
|
||||
######Machines
|
||||
####### [Collect investigation package API](collect-investigation-package-windows-defender-advanced-threat-protection.md)
|
||||
####### [Find machine information by IP](find-machine-info-by-ip-windows-defender-advanced-threat-protection.md)
|
||||
####### [Get machines](get-machines-windows-defender-advanced-threat-protection.md)
|
||||
####### [Get FileMachineAction object API](get-filemachineaction-object-windows-defender-advanced-threat-protection.md)
|
||||
####### [Get FileMachineActions collection API](get-filemachineactions-collection-windows-defender-advanced-threat-protection.md)
|
||||
####### [Get machine by ID](get-machine-by-id-windows-defender-advanced-threat-protection.md)
|
||||
####### [Get machine log on users](get-machine-log-on-users-windows-defender-advanced-threat-protection.md)
|
||||
####### [Get machine related alerts](get-machine-related-alerts-windows-defender-advanced-threat-protection.md)
|
||||
####### [Get MachineAction object API](get-machineaction-object-windows-defender-advanced-threat-protection.md)
|
||||
####### [Get MachineActions collection API](get-machineactions-collection-windows-defender-advanced-threat-protection.md)
|
||||
####### [Get machines](get-machines-windows-defender-advanced-threat-protection.md)
|
||||
####### [Get package SAS URI API](get-package-sas-uri-windows-defender-advanced-threat-protection.md)
|
||||
####### [Isolate machine API](isolate-machine-windows-defender-advanced-threat-protection.md)
|
||||
####### [Release machine from isolation API](unisolate-machine-windows-defender-advanced-threat-protection.md)
|
||||
####### [Remove app restriction API](unrestrict-code-execution-windows-defender-advanced-threat-protection.md)
|
||||
####### [Request sample API](request-sample-windows-defender-advanced-threat-protection.md)
|
||||
####### [Restrict app execution API](restrict-code-execution-windows-defender-advanced-threat-protection.md)
|
||||
####### [Run antivirus scan API](run-av-scan-windows-defender-advanced-threat-protection.md)
|
||||
####### [Stop and quarantine file API](stop-quarantine-file-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
|
||||
######User
|
||||
####### [Get alert related user information](get-alert-related-user-info-windows-defender-advanced-threat-protection.md)
|
||||
####### [Get user information](get-user-information-windows-defender-advanced-threat-protection.md)
|
||||
####### [Get user related alerts](get-user-related-alerts-windows-defender-advanced-threat-protection.md)
|
||||
####### [Get user related machines](get-user-related-machines-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
|
||||
#### [Use the threat intelligence API to create custom alerts](use-custom-ti-windows-defender-advanced-threat-protection.md)
|
||||
##### [Understand threat intelligence concepts](threat-indicator-concepts-windows-defender-advanced-threat-protection.md)
|
||||
##### [Enable the custom threat intelligence application](enable-custom-ti-windows-defender-advanced-threat-protection.md)
|
||||
##### [Create custom threat intelligence alerts](custom-ti-api-windows-defender-advanced-threat-protection.md)
|
||||
##### [PowerShell code examples](powershell-example-code-windows-defender-advanced-threat-protection.md)
|
||||
##### [Python code examples](python-example-code-windows-defender-advanced-threat-protection.md)
|
||||
##### [Experiment with custom threat intelligence alerts](experiment-custom-ti-windows-defender-advanced-threat-protection.md)
|
||||
##### [Troubleshoot custom threat intelligence issues](troubleshoot-custom-ti-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
####Reporting
|
||||
##### [Create and build Power BI reports using Windows Defender ATP data](powerbi-reports-windows-defender-advanced-threat-protection.md)
|
||||
@ -299,7 +298,7 @@
|
||||
#### [Fix unhealthy sensors](fix-unhealhty-sensors-windows-defender-advanced-threat-protection.md)
|
||||
#### [Inactive machines](fix-unhealhty-sensors-windows-defender-advanced-threat-protection.md#inactive-machines)
|
||||
#### [Misconfigured machines](fix-unhealhty-sensors-windows-defender-advanced-threat-protection.md#misconfigured-machines)
|
||||
### [Review events and errors on machines with Event Viewer](event-error-codes-windows-defender-advanced-threat-protection.md)
|
||||
### [Review sensor events and errors on machines with Event Viewer](event-error-codes-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
### [Troubleshoot Windows Defender ATP service issues](troubleshoot-windows-defender-advanced-threat-protection.md)
|
||||
#### [Check service health](service-status-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
Reference in New Issue
Block a user