From f98baf2b4b9fd113299ad33c7a0aa3cb1e44ace0 Mon Sep 17 00:00:00 2001 From: martyav Date: Fri, 3 May 2019 16:00:01 -0400 Subject: [PATCH] added text to mdatp for mac diagnostic logging --- ...rosoft-defender-atp-mac-diagnostic-logging | 64 ------------------- ...oft-defender-atp-mac-diagnostic-logging.md | 64 +++++++++++++++++++ 2 files changed, 64 insertions(+), 64 deletions(-) delete mode 100644 windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-diagnostic-logging diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-diagnostic-logging b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-diagnostic-logging deleted file mode 100644 index d2ccd7fac2..0000000000 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-diagnostic-logging +++ /dev/null @@ -1,64 +0,0 @@ ---- -title: Collecting diagnostic information from Microsoft Defender ATP for Mac -description: Describes how to collect diagnostic information from Microsoft Defender ATP for Mac. -keywords: microsoft, defender, atp, mac, installation, deploy, intune, jamf, macos, mojave, high sierra, sierra -search.product: eADQiWindows 10XVcnh -search.appverid: #met150 -ms.prod: #w10 -ms.mktglfcycl: #deploy -ms.sitesec: library -ms.pagetype: security -ms.author: v-maave -author: martyav -ms.localizationpriority: #medium -manager: dansimp -audience: ITPro -ms.collection: M365-security-compliance -ms.topic: conceptual ---- - -# Collecting diagnostic information - -**Applies to:** - -[Windows Defender Advanced Threat Protection (Windows Defender ATP) for Mac](https://go.microsoft.com/fwlink/p/?linkid=???To-Add???) - ->[!IMPORTANT] ->Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. - -If you can reproduce a problem, please increase the logging level, run the system for some time, and restore the logging level to the default. - -1) Increase logging level: - -```bash - mavel-mojave:~ testuser$ mdatp log-level --verbose - Creating connection to daemon - Connection established - Operation succeeded -``` - -2) Reproduce the problem - -3) Run `mdatp --diagnostic` to backup Defender ATP's logs. The command will print out location with generated zip file. - - ```bash - mavel-mojave:~ testuser$ mdatp --diagnostic - Creating connection to daemon - Connection established - "/Library/Application Support/Microsoft/Defender/wdavdiag/d85e7032-adf8-434a-95aa-ad1d450b9a2f.zip" - ``` - -4) Restore logging level: - - ```bash - mavel-mojave:~ testuser$ mdatp log-level --info - Creating connection to daemon - Connection established - Operation succeeded - ``` - -## Installation issues - -If an error occurs during installation, the installer will only report a general failure. - -The detailed log will be saved to /Library/Logs/Microsoft/wdav.install.log. If you experience issues during installation, send us this file so we can help diagnose the cause. \ No newline at end of file diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-diagnostic-logging.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-diagnostic-logging.md index e69de29bb2..d2ccd7fac2 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-diagnostic-logging.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-diagnostic-logging.md @@ -0,0 +1,64 @@ +--- +title: Collecting diagnostic information from Microsoft Defender ATP for Mac +description: Describes how to collect diagnostic information from Microsoft Defender ATP for Mac. +keywords: microsoft, defender, atp, mac, installation, deploy, intune, jamf, macos, mojave, high sierra, sierra +search.product: eADQiWindows 10XVcnh +search.appverid: #met150 +ms.prod: #w10 +ms.mktglfcycl: #deploy +ms.sitesec: library +ms.pagetype: security +ms.author: v-maave +author: martyav +ms.localizationpriority: #medium +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual +--- + +# Collecting diagnostic information + +**Applies to:** + +[Windows Defender Advanced Threat Protection (Windows Defender ATP) for Mac](https://go.microsoft.com/fwlink/p/?linkid=???To-Add???) + +>[!IMPORTANT] +>Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. + +If you can reproduce a problem, please increase the logging level, run the system for some time, and restore the logging level to the default. + +1) Increase logging level: + +```bash + mavel-mojave:~ testuser$ mdatp log-level --verbose + Creating connection to daemon + Connection established + Operation succeeded +``` + +2) Reproduce the problem + +3) Run `mdatp --diagnostic` to backup Defender ATP's logs. The command will print out location with generated zip file. + + ```bash + mavel-mojave:~ testuser$ mdatp --diagnostic + Creating connection to daemon + Connection established + "/Library/Application Support/Microsoft/Defender/wdavdiag/d85e7032-adf8-434a-95aa-ad1d450b9a2f.zip" + ``` + +4) Restore logging level: + + ```bash + mavel-mojave:~ testuser$ mdatp log-level --info + Creating connection to daemon + Connection established + Operation succeeded + ``` + +## Installation issues + +If an error occurs during installation, the installer will only report a general failure. + +The detailed log will be saved to /Library/Logs/Microsoft/wdav.install.log. If you experience issues during installation, send us this file so we can help diagnose the cause. \ No newline at end of file