From bda280c12d7f596b31a03c3a2256f7104d955e6f Mon Sep 17 00:00:00 2001 From: Ananta Gupta Date: Thu, 26 Mar 2020 15:09:42 +0530 Subject: [PATCH 1/9] Troubleshooting document for installation in Linux --- .../linux-support-install.md | 99 +++++++++++++++++++ 1 file changed, 99 insertions(+) create mode 100644 windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md b/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md new file mode 100644 index 0000000000..5a3c850cf9 --- /dev/null +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md @@ -0,0 +1,99 @@ +--- +title: Troubleshoot installation issues for Microsoft Defender ATP for Linux +ms.reviewer: +description: Troubleshoot installation issues for Microsoft Defender ATP for Linux +keywords: microsoft, defender, atp, linux, installation +search.product: eADQiWindows 10XVcnh +search.appverid: met150 +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: security +ms.author: dansimp +author: dansimp +ms.localizationpriority: medium +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual +--- + +# Troubleshoot installation issues for Microsoft Defender ATP for Linux + +**Applies to:** + +- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Linux](microsoft-defender-atp-linux.md) + +## Installation failed + +An error in installation may or may not result in a meaningful error message by the package manager. One can obtain the installation logs using: +```bash +$ sudo journalctl | grep 'microsoft-mdatp' > installation.log +$ grep 'postinstall end' installation.log + +microsoft-mdatp-installer[102243]: postinstall end [2020-03-26 07:04:43OURCE +0000] 102216 +``` +An output from the previous command with correct date and time indicates success. + +Check if the daemon is running: +```bash +$ ps aux | grep wdavdaemon + +root 1966 0.2 0.8 1068244 82492 ? Ssl 10:37 0:24 /opt/microsoft/mdatp/sbin/wdavdaemon +mdatp 1967 0.0 3.7 1133040 373652 ? Sl 10:37 0:02 /opt/microsoft/mdatp/sbin/wdavdaemon +root 1968 0.0 0.2 421316 27048 ? Sl 10:37 0:00 /opt/microsoft/mdatp/sbin/wdavdaemon +``` + +## Steps to troubleshoot if wdavdaemon is not running + +- Check if “mdatp” user exists: +```bash +$ id “mdatp” +``` +If there’s no output, run +```bash +$ useradd --system --no-create-home --user-group --shell /usr/sbin/nologin mdatp +``` + +- Try enabling and restarting the service using: +```bash +$ systemctl enable mdatp +$ systemctl restart mdatp +``` + +- If mdatp.service is not found upon running the previous command, run +```bash +$ cp /opt/microsoft/mdatp/conf/mdatp.service + +where is +lib/systemd/system for Ubuntu and Debian distributions +/usr/lib/systemd/system for Rhel, CentOS, Oracle and SLES +``` +and then re-run step 2. + +- If the above steps don’t work, try disabling SELinux, and then starting the service using step 2. Please re-enable immediately though for security reasons after trying this. + +- Ensure that the filesystem containing wdavdaemon should not be mounted with “noexec” + +## If wdavdaemon is running but eicar detection doesn't work + +- Check the filesystem type using: +```bash +$ mount +``` +Currently supported filesystems for on-access activity are ext2, ext3, ext4, temps, btrfs and xfs. Any files outside these filesystems will not be scanned. + +- Collect diagnostic logs: +```bash +$ mdatp --diagnostic --create +``` + +## Command line tool “mdatp” is not working + +- If running the command line tool `mdatp` gives an error `command not found`, run the following: +```bash +$ ln -sf /opt/microsoft/mdatp/sbin/wdavdaemonclient /usr/bin/mdatp +``` +and try again. + +- If step 1 doesn't work, please collect the diagnostic logs as indicated in the previous section. From a16bd060c52a5ed92c990d8aa51ba9a018a1b495 Mon Sep 17 00:00:00 2001 From: Ananta Gupta Date: Fri, 27 Mar 2020 10:43:14 +0530 Subject: [PATCH 2/9] Addressed the comments --- .../linux-support-install.md | 44 +++++++++++-------- 1 file changed, 25 insertions(+), 19 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md b/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md index 5a3c850cf9..b1256029d8 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md @@ -37,63 +37,69 @@ An output from the previous command with correct date and time indicates success Check if the daemon is running: ```bash -$ ps aux | grep wdavdaemon +$ systemctl status mdatp -root 1966 0.2 0.8 1068244 82492 ? Ssl 10:37 0:24 /opt/microsoft/mdatp/sbin/wdavdaemon -mdatp 1967 0.0 3.7 1133040 373652 ? Sl 10:37 0:02 /opt/microsoft/mdatp/sbin/wdavdaemon -root 1968 0.0 0.2 421316 27048 ? Sl 10:37 0:00 /opt/microsoft/mdatp/sbin/wdavdaemon +● mdatp.service - Microsoft Defender ATP + Loaded: loaded (/lib/systemd/system/mdatp.service; enabled; vendor preset: enabled) + Active: active (running) since Thu 2020-03-26 10:37:30 IST; 23h ago + Main PID: 1966 (wdavdaemon) + Tasks: 105 (limit: 4915) + CGroup: /system.slice/mdatp.service + ├─1966 /opt/microsoft/mdatp/sbin/wdavdaemon + ├─1967 /opt/microsoft/mdatp/sbin/wdavdaemon + └─1968 /opt/microsoft/mdatp/sbin/wdavdaemon ``` ## Steps to troubleshoot if wdavdaemon is not running -- Check if “mdatp” user exists: +1. Check if “mdatp” user exists: ```bash $ id “mdatp” ``` If there’s no output, run ```bash -$ useradd --system --no-create-home --user-group --shell /usr/sbin/nologin mdatp +$ sudo useradd --system --no-create-home --user-group --shell /usr/sbin/nologin mdatp ``` -- Try enabling and restarting the service using: +2. Try enabling and restarting the service using: ```bash -$ systemctl enable mdatp -$ systemctl restart mdatp +$ sudo systemctl enable mdatp +$ sudo systemctl restart mdatp ``` -- If mdatp.service is not found upon running the previous command, run +3. If mdatp.service is not found upon running the previous command, run ```bash -$ cp /opt/microsoft/mdatp/conf/mdatp.service +$ sudo cp /opt/microsoft/mdatp/conf/mdatp.service where is -lib/systemd/system for Ubuntu and Debian distributions +/lib/systemd/system for Ubuntu and Debian distributions /usr/lib/systemd/system for Rhel, CentOS, Oracle and SLES ``` and then re-run step 2. -- If the above steps don’t work, try disabling SELinux, and then starting the service using step 2. Please re-enable immediately though for security reasons after trying this. +4. If the above steps don’t work, try disabling SELinux, and then starting the service using step 2. Please re-enable immediately though for security reasons after trying this. -- Ensure that the filesystem containing wdavdaemon should not be mounted with “noexec” +5. Ensure that the filesystem containing wdavdaemon is not mounted with “noexec” ## If wdavdaemon is running but eicar detection doesn't work -- Check the filesystem type using: +1. Check the filesystem type using: ```bash $ mount ``` Currently supported filesystems for on-access activity are ext2, ext3, ext4, temps, btrfs and xfs. Any files outside these filesystems will not be scanned. -- Collect diagnostic logs: +2. Collect diagnostic logs: ```bash $ mdatp --diagnostic --create ``` ## Command line tool “mdatp” is not working -- If running the command line tool `mdatp` gives an error `command not found`, run the following: +1. If running the command line tool `mdatp` gives an error `command not found`, run the following: ```bash -$ ln -sf /opt/microsoft/mdatp/sbin/wdavdaemonclient /usr/bin/mdatp +$ sudo ln -sf /opt/microsoft/mdatp/sbin/wdavdaemonclient /usr/bin/mdatp ``` and try again. -- If step 1 doesn't work, please collect the diagnostic logs as indicated in the previous section. +2. If step 1 doesn't work, please collect the diagnostic logs as indicated in the previous section. From 961f3654e2243387f731ba8f4590fcd4e33cc8db Mon Sep 17 00:00:00 2001 From: Ananta Gupta Date: Fri, 27 Mar 2020 15:52:52 +0530 Subject: [PATCH 3/9] Added section to verify successful installation --- windows/security/threat-protection/TOC.md | 2 ++ .../linux-support-install.md | 14 +++++++++----- 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md index b74873055f..60968a7f67 100644 --- a/windows/security/threat-protection/TOC.md +++ b/windows/security/threat-protection/TOC.md @@ -334,6 +334,8 @@ ##### [Configure]() ###### [Static proxy configuration](microsoft-defender-atp/linux-static-proxy-configuration.md) ###### [Set preferences](microsoft-defender-atp/linux-preferences.md) +##### [Troubleshoot]() +###### [Troubleshoot installation issues](microsoft-defender-atp/linux-support-install.md) ##### [Resources](microsoft-defender-atp/linux-resources.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md b/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md index b1256029d8..2c4bf230cc 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md @@ -24,18 +24,22 @@ ms.topic: conceptual - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Linux](microsoft-defender-atp-linux.md) -## Installation failed +## Verify if installation succeeded -An error in installation may or may not result in a meaningful error message by the package manager. One can obtain the installation logs using: +An error in installation may or may not result in a meaningful error message by the package manager. To verify if the installation succeeded, one can obtain and check the installation logs using: ```bash $ sudo journalctl | grep 'microsoft-mdatp' > installation.log $ grep 'postinstall end' installation.log microsoft-mdatp-installer[102243]: postinstall end [2020-03-26 07:04:43OURCE +0000] 102216 ``` -An output from the previous command with correct date and time indicates success. +An output from the previous command with correct date and time of installation indicates success. -Check if the daemon is running: +Also check the [Client configuration](linux-install-manually.md#client-configuration) to verify the health of the product and detect eicar. + +## Installation failed + +Check if wdavdaemon is running ```bash $ systemctl status mdatp @@ -85,7 +89,7 @@ and then re-run step 2. 1. Check the filesystem type using: ```bash -$ mount +$ findmnt -T ``` Currently supported filesystems for on-access activity are ext2, ext3, ext4, temps, btrfs and xfs. Any files outside these filesystems will not be scanned. From b601535685e031eb55e4ced552c600f98fee5703 Mon Sep 17 00:00:00 2001 From: Ananta Gupta Date: Sat, 28 Mar 2020 16:31:58 +0530 Subject: [PATCH 4/9] Addressed the comments --- .../linux-support-install.md | 26 +++++++++---------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md b/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md index 2c4bf230cc..d8bd217a3d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md @@ -35,7 +35,7 @@ microsoft-mdatp-installer[102243]: postinstall end [2020-03-26 07:04:43OURCE +00 ``` An output from the previous command with correct date and time of installation indicates success. -Also check the [Client configuration](linux-install-manually.md#client-configuration) to verify the health of the product and detect eicar. +Also check the [Client configuration](linux-install-manually.md#client-configuration) to verify the health of the product and detect the EICAR text file. ## Installation failed @@ -54,7 +54,7 @@ $ systemctl status mdatp └─1968 /opt/microsoft/mdatp/sbin/wdavdaemon ``` -## Steps to troubleshoot if wdavdaemon is not running +## Steps to troubleshoot if mdatp service isn't running 1. Check if “mdatp” user exists: ```bash @@ -71,7 +71,7 @@ $ sudo systemctl enable mdatp $ sudo systemctl restart mdatp ``` -3. If mdatp.service is not found upon running the previous command, run +3. If mdatp.service isn't found upon running the previous command, run ```bash $ sudo cp /opt/microsoft/mdatp/conf/mdatp.service @@ -81,29 +81,29 @@ where is ``` and then re-run step 2. -4. If the above steps don’t work, try disabling SELinux, and then starting the service using step 2. Please re-enable immediately though for security reasons after trying this. +4. If the above steps don’t work, try disabling SELinux, and then starting the service using step 2. Re-enable immediately though for security reasons after trying it. -5. Ensure that the filesystem containing wdavdaemon is not mounted with “noexec” +5. Ensure that the file system containing wdavdaemon isn't mounted with “noexec” -## If wdavdaemon is running but eicar detection doesn't work +## If mdatp service is running, but EICAR text file detection doesn't work -1. Check the filesystem type using: +1. Check the file system type using: ```bash -$ findmnt -T +$ findmnt -T ``` -Currently supported filesystems for on-access activity are ext2, ext3, ext4, temps, btrfs and xfs. Any files outside these filesystems will not be scanned. +Currently supported file systems for on-access activity are listed [here](microsoft-defender-atp-linux.md#System-requirements). Any files outside these file systems won't be scanned. 2. Collect diagnostic logs: ```bash -$ mdatp --diagnostic --create +$ sudo mdatp --diagnostic --create ``` -## Command line tool “mdatp” is not working +## Command-line tool “mdatp” isn't working -1. If running the command line tool `mdatp` gives an error `command not found`, run the following: +1. If running the command-line tool `mdatp` gives an error `command not found`, run the following: ```bash $ sudo ln -sf /opt/microsoft/mdatp/sbin/wdavdaemonclient /usr/bin/mdatp ``` and try again. -2. If step 1 doesn't work, please collect the diagnostic logs as indicated in the previous section. +2. If step 1 doesn't work, collect the diagnostic logs as indicated in the previous section. From 8320f9804ba8cee6fcb7a890badd06b21d620d8c Mon Sep 17 00:00:00 2001 From: Ananta Gupta Date: Sat, 28 Mar 2020 18:27:44 +0530 Subject: [PATCH 5/9] Adding reference in the main page --- .../microsoft-defender-atp/linux-support-install.md | 6 +++--- .../microsoft-defender-atp/microsoft-defender-atp-linux.md | 4 ++++ 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md b/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md index d8bd217a3d..1de9872434 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md @@ -39,7 +39,7 @@ Also check the [Client configuration](linux-install-manually.md#client-configura ## Installation failed -Check if wdavdaemon is running +Check if the mdatp service is running ```bash $ systemctl status mdatp @@ -79,7 +79,7 @@ where is /lib/systemd/system for Ubuntu and Debian distributions /usr/lib/systemd/system for Rhel, CentOS, Oracle and SLES ``` -and then re-run step 2. +and then rerun step 2. 4. If the above steps don’t work, try disabling SELinux, and then starting the service using step 2. Re-enable immediately though for security reasons after trying it. @@ -100,7 +100,7 @@ $ sudo mdatp --diagnostic --create ## Command-line tool “mdatp” isn't working -1. If running the command-line tool `mdatp` gives an error `command not found`, run the following: +1. If running the command-line tool `mdatp` gives an error `command not found`, run the following command: ```bash $ sudo ln -sf /opt/microsoft/mdatp/sbin/wdavdaemonclient /usr/bin/mdatp ``` diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md index 38477041ca..b682f3622d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md @@ -145,6 +145,10 @@ Microsoft regularly publishes software updates to improve performance, security, Guidance for how to configure the product in enterprise environments is available in [Set preferences for Microsoft Defender ATP for Linux](linux-preferences.md). +## How to troubleshoot installation failures in Microsoft Defender ATP for Linux + +If you experience any failures during installation or issues with basic working of the product post installation, refer to [Troubleshooting installation failures in Microsoft Defender ATP for Linux](linux-support-install.md). + ## Resources - For more information about logging, uninstalling, or other topics, see the [Resources](linux-resources.md) page. From aedb28f3e49af2d6985b11465edafb63e5220c57 Mon Sep 17 00:00:00 2001 From: Ananta Gupta Date: Sun, 29 Mar 2020 17:26:00 +0530 Subject: [PATCH 6/9] Fixing link warning --- .../microsoft-defender-atp/linux-support-install.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md b/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md index 1de9872434..60db667cd1 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md @@ -91,7 +91,7 @@ and then rerun step 2. ```bash $ findmnt -T ``` -Currently supported file systems for on-access activity are listed [here](microsoft-defender-atp-linux.md#System-requirements). Any files outside these file systems won't be scanned. +Currently supported file systems for on-access activity are listed [here](microsoft-defender-atp-linux.md#system-requirements). Any files outside these file systems won't be scanned. 2. Collect diagnostic logs: ```bash From b1f5fbcfb9e4d9aded66e7384b3f1c6b62ad455c Mon Sep 17 00:00:00 2001 From: Ananta Gupta Date: Wed, 1 Apr 2020 11:52:50 +0530 Subject: [PATCH 7/9] Minor changes --- .../linux-support-install.md | 28 +++++++++++++------ 1 file changed, 20 insertions(+), 8 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md b/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md index 60db667cd1..6e47bdf901 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md @@ -81,9 +81,22 @@ where is ``` and then rerun step 2. -4. If the above steps don’t work, try disabling SELinux, and then starting the service using step 2. Re-enable immediately though for security reasons after trying it. +4. If the above steps don’t work, check if SELinux is installed and in enforcing mode. If so, try setting it to permissive (preferably) or disabled mode. This can be done by setting the parameter `SELINUX` to "permissive" or "disabled" in `/etc/selinux/config` file, followed by reboot. Please check the man page of selinux for more details. +Now try restarting the mdatp service using step 2. Revert the configuration change immediately though for security reasons after trying it and reboot. -5. Ensure that the file system containing wdavdaemon isn't mounted with “noexec” +5. Ensure that the daemon has executable permission. +```bash +$ ls -l /opt/microsoft/mdatp/sbin/wdavdaemon + +-rwxr-xr-x 2 root root 15502160 Mar 3 04:47 /opt/microsoft/mdatp/sbin/wdavdaemon +``` +If the daemon doesn't have executable permissions, please make it executable using: +```bash +$ sudo chmod 0755 /opt/microsoft/mdatp/sbin/wdavdaemon +``` +and retry running step 2. + +6. Ensure that the file system containing wdavdaemon isn't mounted with “noexec”. ## If mdatp service is running, but EICAR text file detection doesn't work @@ -93,11 +106,6 @@ $ findmnt -T ``` Currently supported file systems for on-access activity are listed [here](microsoft-defender-atp-linux.md#system-requirements). Any files outside these file systems won't be scanned. -2. Collect diagnostic logs: -```bash -$ sudo mdatp --diagnostic --create -``` - ## Command-line tool “mdatp” isn't working 1. If running the command-line tool `mdatp` gives an error `command not found`, run the following command: @@ -106,4 +114,8 @@ $ sudo ln -sf /opt/microsoft/mdatp/sbin/wdavdaemonclient /usr/bin/mdatp ``` and try again. -2. If step 1 doesn't work, collect the diagnostic logs as indicated in the previous section. +If none of the above works, collect the diagnostic logs: +```bash +$ sudo mdatp --diagnostic --create +``` +Path to a zip file that contains the logs will be displayed as an output. Please reach out to our customer support with these logs. From 57ea36b23551a579e757f2ccf3827856ec709b16 Mon Sep 17 00:00:00 2001 From: Ananta Gupta Date: Wed, 1 Apr 2020 12:05:29 +0530 Subject: [PATCH 8/9] Acrolinx --- .../microsoft-defender-atp/linux-support-install.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md b/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md index 6e47bdf901..0982c630fa 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md @@ -81,7 +81,7 @@ where is ``` and then rerun step 2. -4. If the above steps don’t work, check if SELinux is installed and in enforcing mode. If so, try setting it to permissive (preferably) or disabled mode. This can be done by setting the parameter `SELINUX` to "permissive" or "disabled" in `/etc/selinux/config` file, followed by reboot. Please check the man page of selinux for more details. +4. If the above steps don’t work, check if SELinux is installed and in enforcing mode. If so, try setting it to permissive (preferably) or disabled mode. It can be done by setting the parameter `SELINUX` to "permissive" or "disabled" in `/etc/selinux/config` file, followed by reboot. Check the man-page of selinux for more details. Now try restarting the mdatp service using step 2. Revert the configuration change immediately though for security reasons after trying it and reboot. 5. Ensure that the daemon has executable permission. @@ -90,7 +90,7 @@ $ ls -l /opt/microsoft/mdatp/sbin/wdavdaemon -rwxr-xr-x 2 root root 15502160 Mar 3 04:47 /opt/microsoft/mdatp/sbin/wdavdaemon ``` -If the daemon doesn't have executable permissions, please make it executable using: +If the daemon doesn't have executable permissions, make it executable using: ```bash $ sudo chmod 0755 /opt/microsoft/mdatp/sbin/wdavdaemon ``` @@ -114,8 +114,8 @@ $ sudo ln -sf /opt/microsoft/mdatp/sbin/wdavdaemonclient /usr/bin/mdatp ``` and try again. -If none of the above works, collect the diagnostic logs: +If none of the above steps help, collect the diagnostic logs: ```bash $ sudo mdatp --diagnostic --create ``` -Path to a zip file that contains the logs will be displayed as an output. Please reach out to our customer support with these logs. +Path to a zip file that contains the logs will be displayed as an output. Reach out to our customer support with these logs. From cf33ef96c6dbb83e6f43ba867be3977cacc696a8 Mon Sep 17 00:00:00 2001 From: Ananta Gupta Date: Wed, 1 Apr 2020 22:18:12 +0530 Subject: [PATCH 9/9] Link from installation section in main document --- .../microsoft-defender-atp/microsoft-defender-atp-linux.md | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md index b682f3622d..bf5ad19c12 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md @@ -70,6 +70,8 @@ In general you need to take the following steps: - [Deploy using Puppet configuration management tool](linux-install-with-puppet.md) - [Deploy using Ansible configuration management tool](linux-install-with-ansible.md) +If you experience any installation failures, refer to [Troubleshooting installation failures in Microsoft Defender ATP for Linux](linux-support-install.md). + ### System requirements - Supported Linux server distributions and versions: @@ -145,10 +147,6 @@ Microsoft regularly publishes software updates to improve performance, security, Guidance for how to configure the product in enterprise environments is available in [Set preferences for Microsoft Defender ATP for Linux](linux-preferences.md). -## How to troubleshoot installation failures in Microsoft Defender ATP for Linux - -If you experience any failures during installation or issues with basic working of the product post installation, refer to [Troubleshooting installation failures in Microsoft Defender ATP for Linux](linux-support-install.md). - ## Resources - For more information about logging, uninstalling, or other topics, see the [Resources](linux-resources.md) page.