deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-21 13:23:36 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Fix mdatp parameters

Browse Source
This commit is contained in:
Max Velitchko
2019-05-07 17:47:12 -07:00
parent 347b16ee2d
commit ed83d70393
4 changed files with 58 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md
View File

@ -114,32 +114,14 @@ After installation, you'll see the Microsoft Defender icon in the macOS status b
![Microsoft Defender icon in status bar screenshot](images/MDATP_Icon_Bar.png) ![Microsoft Defender icon in status bar screenshot](images/MDATP_Icon_Bar.png)
## Configuring from the command line ## Test alert
Important tasks, such as controlling product settings and triggering on-demand scans, can be done from the command line: Run in Terminal the following command. It will download [a harmless file](https://en.wikipedia.org/wiki/EICAR_test_file) which will trigger a test detection.
```bash
curl -o ~/Downloads/eicar.com.txt http://www.eicar.org/download/eicar.com.txt
```
|Group |Scenario |Command | You will get a "Threats found" notification, you can inspect threat's details in the Protection history.
|-------------|-------------------------------------------|-----------------------------------------------------------------------|
|Configuration|Turn on/off real-time protection |`mdatp config --rtp [true/false]` |
|Configuration|Turn on/off cloud protection |`mdatp config --cloud [true/false]` |
|Configuration|Turn on/off product diagnostics |`mdatp config --diagnostic [true/false]` |
|Configuration|Turn on/off automatic sample submission |`mdatp config --sample-submission [true/false]` |
|Configuration|Turn on PUA protection |`mdatp threat --type-handling --potentially_unwanted_application block`|
|Configuration|Turn off PUA protection |`mdatp threat --type-handling --potentially_unwanted_application off` |
|Configuration|Turn on audit mode for PUA protection |`mdatp threat --type-handling --potentially_unwanted_application audit`|
|Diagnostics |Change the log level |`mdatp log-level --[error/warning/info/verbose]` |
|Diagnostics |Generate diagnostic logs |`mdatp --diagnostic` |
|Health |Check the product's health |`mdatp --health` |
|Protection |Scan a path |`mdatp scan --path [path]` |
|Protection |Do a quick scan |`mdatp scan --quick` |
|Protection |Do a full scan |`mdatp scan --full` |
|Protection |Cancel an ongoing on-demand scan |`mdatp scan --cancel` |
|Protection |Request a definition update |`mdatp --signature-update` |
## Logging installation issues Soon after that you'll get an alert in the ATP Portal.
See [Logging installation issues](microsoft-defender-atp-mac-resources#Logging-installation-issues) for more information on how to find the automatically generated log that is created by the installer when an error occurs.
## Uninstallation
See [Uninstalling](microsoft-defender-atp-mac-resources#Uninstalling) for details on how to remove Windows Defender ATP for Mac from client devices.

12
windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md
View File

@ -164,6 +164,18 @@ After Intune changes are propagated to the enrolled machines, you'll see it on t
![Microsoft Defender icon in status bar screenshot](images/MDATP_Icon_Bar.png) ![Microsoft Defender icon in status bar screenshot](images/MDATP_Icon_Bar.png)
## Test alert
Run in Terminal the following command. It will download [a harmless file](https://en.wikipedia.org/wiki/EICAR_test_file) which will trigger a test detection.
```bash
curl -o ~/Downloads/eicar.com.txt http://www.eicar.org/download/eicar.com.txt
```
You will get a "Threats found" notification, you can inspect threat's details in the Protection history.
Soon after that you'll get an alert in the ATP Portal.
## Logging installation issues ## Logging installation issues
See [Logging installation issues](microsoft-defender-atp-mac-resources#Logging-installation-issues) for more information on how to find the automatically generated log that is created by the installer when an error occurs. See [Logging installation issues](microsoft-defender-atp-mac-resources#Logging-installation-issues) for more information on how to find the automatically generated log that is created by the installer when an error occurs.

12
windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md
View File

@ -199,6 +199,18 @@ sudo /Library/Extensions/wdavkext.kext/Contents/Resources/Tools/wdavconfig.py |
This script returns 0 if Microsoft Defender ATP is registered with the Windows Defender ATP service, and another exit code if it is not installed or registered. This script returns 0 if Microsoft Defender ATP is registered with the Windows Defender ATP service, and another exit code if it is not installed or registered.
## Test alert
Run in Terminal the following command. It will download [a harmless file](https://en.wikipedia.org/wiki/EICAR_test_file) which will trigger a test detection.
```bash
curl -o ~/Downloads/eicar.com.txt http://www.eicar.org/download/eicar.com.txt
```
You will get a "Threats found" notification, you can inspect threat's details in the Protection history.
Soon after that you'll get an alert in the ATP Portal.
## Logging installation issues ## Logging installation issues
See [Logging installation issues](microsoft-defender-atp-mac-resources#Logging-installation-issues) for more information on how to find the automatically generated log that is created by the installer when an error occurs. See [Logging installation issues](microsoft-defender-atp-mac-resources#Logging-installation-issues) for more information on how to find the automatically generated log that is created by the installer when an error occurs.

35
windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-resources.md
View File

@ -36,9 +36,7 @@ If you can reproduce a problem, please increase the logging level, run the syste
1) Increase logging level: 1) Increase logging level:
```bash ```bash
mavel-mojave:~ testuser$ mdatp log-level --verbose mavel-mojave:~ testuser$ mdatp --log-level verbose
Creating connection to daemon
Connection established
Operation succeeded Operation succeeded
``` ```
@ -47,21 +45,40 @@ If you can reproduce a problem, please increase the logging level, run the syste
3) Run `mdatp --diagnostic` to backup Defender ATP's logs. The command will print out location with generated zip file. 3) Run `mdatp --diagnostic` to backup Defender ATP's logs. The command will print out location with generated zip file.
```bash ```bash
mavel-mojave:~ testuser$ mdatp --diagnostic mavel-mojave:~ testuser$ mdatp --diagnostic --create
Creating connection to daemon
Connection established
"/Library/Application Support/Microsoft/Defender/wdavdiag/d85e7032-adf8-434a-95aa-ad1d450b9a2f.zip" "/Library/Application Support/Microsoft/Defender/wdavdiag/d85e7032-adf8-434a-95aa-ad1d450b9a2f.zip"
``` ```
4) Restore logging level: 4) Restore logging level:
```bash ```bash
mavel-mojave:~ testuser$ mdatp log-level --info mavel-mojave:~ testuser$ mdatp --log-level info
Creating connection to daemon
Connection established
Operation succeeded Operation succeeded
``` ```
## Managing from the command line
Important tasks, such as controlling product settings and triggering on-demand scans, can be done from the command line:
|Group |Scenario |Command |
|-------------|-------------------------------------------|-----------------------------------------------------------------------|
|Configuration|Turn on/off real-time protection |`mdatp --config rtp [true/false]` |
|Configuration|Turn on/off cloud protection |`mdatp --config cloud [true/false]` |
|Configuration|Turn on/off product diagnostics |`mdatp --config diagnostic [true/false]` |
|Configuration|Turn on/off automatic sample submission |`mdatp --config sample-submission [true/false]` |
|Configuration|Turn on PUA protection |`mdatp --threat --type-handling potentially_unwanted_application block`|
|Configuration|Turn off PUA protection |`mdatp --threat --type-handling potentially_unwanted_application off` |
|Configuration|Turn on audit mode for PUA protection |`mdatp --threat --type-handling potentially_unwanted_application audit`|
|Diagnostics |Change the log level |`mdatp --log-level [error/warning/info/verbose]` |
|Diagnostics |Generate diagnostic logs |`mdatp --diagnostic --create` |
|Health |Check the product's health |`mdatp --health` |
|Health |Prints a single health metric |`mdatp --health [metric]` |
|Protection |Scan a path |`mdatp --scan --path [path]` |
|Protection |Do a quick scan |`mdatp --scan --quick` |
|Protection |Do a full scan |`mdatp --scan --full` |
|Protection |Cancel an ongoing on-demand scan |`mdatp --scan --cancel` |
|Protection |Request a definition update |`mdatp --definition-update` |
## Logging installation issues ## Logging installation issues
If an error occurs during installation, the installer will only report a general failure. If an error occurs during installation, the installer will only report a general failure.