deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 21:37:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merge branch 'master' into repo_sync_working_branch

Browse Source
This commit is contained in:
Tina Burden 2021-01-11 08:59:53 -08:00 committed by GitHub
commit e58d0f064d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 10 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
windows/security/threat-protection/microsoft-defender-atp/linux-resources.md
View File

@ -36,20 +36,23 @@ If you can reproduce a problem, first increase the logging level, run the system
1. Increase logging level: 1. Increase logging level:
```bash ```bash
mdatp log level set --level verbose mdatp log level set --level debug
``` ```
```Output ```Output
Log level configured successfully Log level configured successfully
``` ```
2. Reproduce the problem. 2. Reproduce the problem.
3. Run the following command to back up Defender for Endpoint's logs. The files will be stored inside of a .zip archive. 3. Run the following command to back up Defender for Endpoint's logs. The files will be stored inside of a .zip archive.
```bash ```bash
sudo mdatp diagnostic create sudo mdatp diagnostic create
``` ```
This command will also print out the file path to the backup after the operation succeeds: This command will also print out the file path to the backup after the operation succeeds:
```Output ```Output
Diagnostic file created: <path to file> Diagnostic file created: <path to file>
``` ```
@ -59,6 +62,7 @@ If you can reproduce a problem, first increase the logging level, run the system
```bash ```bash
mdatp log level set --level info mdatp log level set --level info
``` ```
```Output ```Output
Log level configured successfully Log level configured successfully
``` ```
@ -124,6 +128,10 @@ The following table lists commands for some of the most common scenarios. Run `m
|Quarantine management |Add a file detected as a threat to the quarantine |`mdatp threat quarantine add --id [threat-id]` | |Quarantine management |Add a file detected as a threat to the quarantine |`mdatp threat quarantine add --id [threat-id]` |
|Quarantine management |Remove a file detected as a threat from the quarantine |`mdatp threat quarantine remove --id [threat-id]` | |Quarantine management |Remove a file detected as a threat from the quarantine |`mdatp threat quarantine remove --id [threat-id]` |
|Quarantine management |Restore a file from the quarantine |`mdatp threat quarantine restore --id [threat-id]` | |Quarantine management |Restore a file from the quarantine |`mdatp threat quarantine restore --id [threat-id]` |
|Endpoint Detection and Response |Set early preview (unused) |`mdatp edr early-preview [enable|disable]` |
|Endpoint Detection and Response |Set group-id |`mdatp edr group-ids --group-id [group-id]` |
|Endpoint Detection and Response |Set/Remove tag, only `GROUP` supported |`mdatp edr tag set --name GROUP --value [tag]` |
|Endpoint Detection and Response |list exclusions (root) |`mdatp edr exclusion list [processes|paths|extensions|all]` |
## Microsoft Defender for Endpoint portal information ## Microsoft Defender for Endpoint portal information