Fix mdatp parameters

Max Velitchko
2019-05-07 17:47:12 -07:00
parent 347b16ee2d
commit ed83d70393
4 changed files with 58 additions and 35 deletions


@ -114,32 +114,14 @@ After installation, you'll see the Microsoft Defender icon in the macOS status b
![Microsoft Defender icon in status bar screenshot](images/MDATP_Icon_Bar.png) ![Microsoft Defender icon in status bar screenshot](images/MDATP_Icon_Bar.png)
## Configuring from the command line ## Test alert
Important tasks, such as controlling product settings and triggering on-demand scans, can be done from the command line: Run in Terminal the following command. It will download [a harmless file](https://en.wikipedia.org/wiki/EICAR_test_file) which will trigger a test detection.
|Group |Scenario |Command | ```bash
|-------------|-------------------------------------------|-----------------------------------------------------------------------| curl -o ~/Downloads/eicar.com.txt http://www.eicar.org/download/eicar.com.txt
|Configuration|Turn on/off real-time protection |`mdatp config --rtp [true/false]` | ```
|Configuration|Turn on/off cloud protection |`mdatp config --cloud [true/false]` |
|Configuration|Turn on/off product diagnostics |`mdatp config --diagnostic [true/false]` |
|Configuration|Turn on/off automatic sample submission |`mdatp config --sample-submission [true/false]` |
|Configuration|Turn on PUA protection |`mdatp threat --type-handling --potentially_unwanted_application block`|
|Configuration|Turn off PUA protection |`mdatp threat --type-handling --potentially_unwanted_application off` |
|Configuration|Turn on audit mode for PUA protection |`mdatp threat --type-handling --potentially_unwanted_application audit`|
|Diagnostics |Change the log level |`mdatp log-level --[error/warning/info/verbose]` |
|Diagnostics |Generate diagnostic logs |`mdatp --diagnostic` |
|Health |Check the product's health |`mdatp --health` |
|Protection |Scan a path |`mdatp scan --path [path]` |
|Protection |Do a quick scan |`mdatp scan --quick` |
|Protection |Do a full scan |`mdatp scan --full` |
|Protection |Cancel an ongoing on-demand scan |`mdatp scan --cancel` |
|Protection |Request a definition update |`mdatp --signature-update` |
## Logging installation issues You will get a "Threats found" notification, you can inspect threat's details in the Protection history.
See [Logging installation issues](microsoft-defender-atp-mac-resources#Logging-installation-issues) for more information on how to find the automatically generated log that is created by the installer when an error occurs. Soon after that you'll get an alert in the ATP Portal.
## Uninstallation
See [Uninstalling](microsoft-defender-atp-mac-resources#Uninstalling) for details on how to remove Windows Defender ATP for Mac from client devices.
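Review bot: the "Logging installation issues" and "Uninstallation" sections at the end of this hunk are removed with no replacement visible in this file, which goes beyond what a commit titled "Fix mdatp parameters" suggests. The other two install pages touched here keep "Logging installation issues" as context after the new "Test alert" section, so this page ends up inconsistent with them. If the removal is intentional, say so in the commit message and confirm the uninstall link is still reachable from this page; otherwise restore both sections below "Test alert".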


@ -164,6 +164,18 @@ After Intune changes are propagated to the enrolled machines, you'll see it on t
![Microsoft Defender icon in status bar screenshot](images/MDATP_Icon_Bar.png) ![Microsoft Defender icon in status bar screenshot](images/MDATP_Icon_Bar.png)
## Test alert
Run in Terminal the following command. It will download [a harmless file](https://en.wikipedia.org/wiki/EICAR_test_file) which will trigger a test detection.
```bash
curl -o ~/Downloads/eicar.com.txt http://www.eicar.org/download/eicar.com.txt
```
You will get a "Threats found" notification, you can inspect threat's details in the Protection history.
Soon after that you'll get an alert in the ATP Portal.
## Logging installation issues ## Logging installation issues
See [Logging installation issues](microsoft-defender-atp-mac-resources#Logging-installation-issues) for more information on how to find the automatically generated log that is created by the installer when an error occurs. See [Logging installation issues](microsoft-defender-atp-mac-resources#Logging-installation-issues) for more information on how to find the automatically generated log that is created by the installer when an error occurs.
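Review bot: the `curl` line in the new "Test alert" section fetches the test file over plain `http://` and without `-f` or `-L`, so a redirect or an error page would be saved as `eicar.com.txt` and no detection would fire, leaving the reader to conclude the product is not working. Suggest using the `https://` form of the URL if the site serves it and adding `-fL` so a failed download is reported by curl instead of being written to disk. It is also worth stating that the download itself may be blocked or the file removed immediately, since that is the expected outcome of the test.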


@ -199,6 +199,18 @@ sudo /Library/Extensions/wdavkext.kext/Contents/Resources/Tools/wdavconfig.py |
This script returns 0 if Microsoft Defender ATP is registered with the Windows Defender ATP service, and another exit code if it is not installed or registered. This script returns 0 if Microsoft Defender ATP is registered with the Windows Defender ATP service, and another exit code if it is not installed or registered.
## Test alert
Run in Terminal the following command. It will download [a harmless file](https://en.wikipedia.org/wiki/EICAR_test_file) which will trigger a test detection.
```bash
curl -o ~/Downloads/eicar.com.txt http://www.eicar.org/download/eicar.com.txt
```
You will get a "Threats found" notification, you can inspect threat's details in the Protection history.
Soon after that you'll get an alert in the ATP Portal.
## Logging installation issues ## Logging installation issues
See [Logging installation issues](microsoft-defender-atp-mac-resources#Logging-installation-issues) for more information on how to find the automatically generated log that is created by the installer when an error occurs. See [Logging installation issues](microsoft-defender-atp-mac-resources#Logging-installation-issues) for more information on how to find the automatically generated log that is created by the installer when an error occurs.
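Review bot: the added "Test alert" text states the outcome unconditionally ("You will get a "Threats found" notification", "Soon after that you'll get an alert in the ATP Portal") but gives the reader no check to run when neither appears. A short pointer to `mdatp --health`, which this commit documents in the resources page, would close that gap, and "Soon after that" would be more useful as an approximate time. Style: "Run in Terminal the following command" reads better as "Run the following command in Terminal", and the notification sentence is a comma splice. The same five lines are now pasted into three install pages, so consider keeping them in one place and linking to it.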


@ -36,9 +36,7 @@ If you can reproduce a problem, please increase the logging level, run the syste
1) Increase logging level: 1) Increase logging level:
```bash ```bash
mavel-mojave:~ testuser$ mdatp log-level --verbose mavel-mojave:~ testuser$ mdatp --log-level verbose
Creating connection to daemon
Connection established
Operation succeeded Operation succeeded
``` ```
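Review bot: the sample session in step 1 still carries a personal prompt, `mavel-mojave:~ testuser$`, inside a block fenced as `bash`, so the block is not copy-pasteable and exposes a machine name in published docs. Suggest a neutral `$ mdatp --log-level verbose` prompt, with the output line "Operation succeeded" either kept below it in a plain (untagged) fence or described in prose. The removal of the "Creating connection to daemon" and "Connection established" lines suggests the tool's output changed together with the parameters; it would help to note in the commit message which product version the new syntax and output apply to.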
@ -47,21 +45,40 @@ If you can reproduce a problem, please increase the logging level, run the syste
3) Run `mdatp --diagnostic` to backup Defender ATP's logs. The command will print out location with generated zip file. 3) Run `mdatp --diagnostic` to backup Defender ATP's logs. The command will print out location with generated zip file.
```bash ```bash
mavel-mojave:~ testuser$ mdatp --diagnostic mavel-mojave:~ testuser$ mdatp --diagnostic --create
Creating connection to daemon
Connection established
"/Library/Application Support/Microsoft/Defender/wdavdiag/d85e7032-adf8-434a-95aa-ad1d450b9a2f.zip" "/Library/Application Support/Microsoft/Defender/wdavdiag/d85e7032-adf8-434a-95aa-ad1d450b9a2f.zip"
``` ```
4) Restore logging level: 4) Restore logging level:
```bash ```bash
mavel-mojave:~ testuser$ mdatp log-level --info mavel-mojave:~ testuser$ mdatp --log-level info
Creating connection to daemon
Connection established
Operation succeeded Operation succeeded
``` ```
## Managing from the command line
Important tasks, such as controlling product settings and triggering on-demand scans, can be done from the command line:
|Group |Scenario |Command |
|-------------|-------------------------------------------|-----------------------------------------------------------------------|
|Configuration|Turn on/off real-time protection |`mdatp --config rtp [true/false]` |
|Configuration|Turn on/off cloud protection |`mdatp --config cloud [true/false]` |
|Configuration|Turn on/off product diagnostics |`mdatp --config diagnostic [true/false]` |
|Configuration|Turn on/off automatic sample submission |`mdatp --config sample-submission [true/false]` |
|Configuration|Turn on PUA protection |`mdatp --threat --type-handling potentially_unwanted_application block`|
|Configuration|Turn off PUA protection |`mdatp --threat --type-handling potentially_unwanted_application off` |
|Configuration|Turn on audit mode for PUA protection |`mdatp --threat --type-handling potentially_unwanted_application audit`|
|Diagnostics |Change the log level |`mdatp --log-level [error/warning/info/verbose]` |
|Diagnostics |Generate diagnostic logs |`mdatp --diagnostic --create` |
|Health |Check the product's health |`mdatp --health` |
|Health |Prints a single health metric |`mdatp --health [metric]` |
|Protection |Scan a path |`mdatp --scan --path [path]` |
|Protection |Do a quick scan |`mdatp --scan --quick` |
|Protection |Do a full scan |`mdatp --scan --full` |
|Protection |Cancel an ongoing on-demand scan |`mdatp --scan --cancel` |
|Protection |Request a definition update |`mdatp --definition-update` |
## Logging installation issues ## Logging installation issues
If an error occurs during installation, the installer will only report a general failure. If an error occurs during installation, the installer will only report a general failure.
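Review bot: step 3's prose still reads "Run `mdatp --diagnostic`" on both sides of the diff, while the command shown directly under it and the new table row are changed to `mdatp --diagnostic --create`, so the instruction and the example now disagree. Update the sentence to the new form in the same commit. In the new "Managing from the command line" table, the row "Prints a single health metric" breaks the imperative wording used by every other row ("Check", "Scan", "Do", "Request") and does not say what values `[metric]` accepts; suggest "Print a single health metric" plus a list of metric names or a pointer to where they are listed. The same prompt issue as in step 1 applies to the step 3 and step 4 sample sessions (`mavel-mojave:~ testuser$`).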