Updated strings to new syntax

Tudor Dobrila 2020-05-29 10:46:07 -07:00
parent 0ade3ada66
commit fde8590b82
9 changed files with 53 additions and 54 deletions

View File

@ -64,7 +64,7 @@ For more information on how to configure exclusions from Puppet, Ansible, or ano
Run the following command to see the available switches for managing exclusions: Run the following command to see the available switches for managing exclusions:
```bash ```bash
$ mdatp --exclusion $ mdatp exclusion
``` ```
Examples: Examples:
@ -72,29 +72,29 @@ Examples:
- Add an exclusion for a file extension: - Add an exclusion for a file extension:
```bash ```bash
$ mdatp --exclusion --add-extension .txt $ mdatp exclusion extension add --name .txt
Configuration updated successfully Extension exclusion configured successfully
``` ```
- Add an exclusion for a file: - Add an exclusion for a file:
```bash ```bash
$ mdatp --exclusion --add-folder /var/log/dummy.log $ mdatp exclusion file add --path /var/log/dummy.log
Configuration updated successfully File exclusion configured successfully
``` ```
- Add an exclusion for a folder: - Add an exclusion for a folder:
```bash ```bash
$ mdatp --exclusion --add-folder /var/log/ $ mdatp exclusion folder add --path /var/log/
Configuration updated successfully Folder exclusion configured successfully
``` ```
- Add an exclusion for a process: - Add an exclusion for a process:
```bash ```bash
$ mdatp --exclusion --add-process cat $ mdatp exclusion process add --name cat
Configuration updated successfully Process exclusion configured successfully
``` ```
## Validate exclusions lists with the EICAR test file ## Validate exclusions lists with the EICAR test file

View File

@ -268,7 +268,7 @@ Download the onboarding package from Microsoft Defender Security Center:
Initially the client machine is not associated with an organization. Note that the *orgId* attribute is blank: Initially the client machine is not associated with an organization. Note that the *orgId* attribute is blank:
```bash ```bash
mdatp --health orgId mdatp health --field org_id
``` ```
2. Run MicrosoftDefenderATPOnboardingLinuxServer.py, and note that, in order to run this command, you must have `python` installed on the device: 2. Run MicrosoftDefenderATPOnboardingLinuxServer.py, and note that, in order to run this command, you must have `python` installed on the device:
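Review bot: The context sentence above the first command still says the *orgId* attribute is blank, but the command now queries `org_id` through `mdatp health --field org_id`. Rename the attribute in that sentence to `org_id` so the prose matches the field the reader will see, as this commit already does for the sample `mdatp health` output on the Puppet page.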
@ -280,13 +280,13 @@ Download the onboarding package from Microsoft Defender Security Center:
3. Verify that the machine is now associated with your organization and reports a valid organization identifier: 3. Verify that the machine is now associated with your organization and reports a valid organization identifier:
```bash ```bash
mdatp --health orgId mdatp health --field org_id
``` ```
4. A few minutes after you complete the installation, you can see the status by running the following command. A return value of `1` denotes that the product is functioning as expected: 4. A few minutes after you complete the installation, you can see the status by running the following command. A return value of `1` denotes that the product is functioning as expected:
```bash ```bash
mdatp --health healthy mdatp health --field healthy
``` ```
> [!IMPORTANT] > [!IMPORTANT]
@ -298,7 +298,7 @@ Download the onboarding package from Microsoft Defender Security Center:
- Ensure that real-time protection is enabled (denoted by a result of `1` from running the following command): - Ensure that real-time protection is enabled (denoted by a result of `1` from running the following command):
```bash ```bash
mdatp --health realTimeProtectionEnabled mdatp health --field real_time_protection_enabled
``` ```
- Open a Terminal window. Copy and execute the following command: - Open a Terminal window. Copy and execute the following command:
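Review bot: The bullet in this hunk says real-time protection is "denoted by a result of `1`" from `mdatp health --field real_time_protection_enabled`, while the performance troubleshooting page changed in this same commit tells the reader to verify that the value from the identical command is `true`. Confirm what the new CLI prints and use one value in both places; the `mdatp health --field healthy` steps that also promise `1` need the same check.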
@ -310,7 +310,7 @@ Download the onboarding package from Microsoft Defender Security Center:
- The file should have been quarantined by Microsoft Defender ATP for Linux. Use the following command to list all the detected threats: - The file should have been quarantined by Microsoft Defender ATP for Linux. Use the following command to list all the detected threats:
```bash ```bash
mdatp --threat --list --pretty mdatp threat list
``` ```
## Log installation issues ## Log installation issues

View File

@ -241,8 +241,8 @@ Now run the tasks files under `/etc/ansible/playbooks/`.
- Validation/configuration: - Validation/configuration:
```bash ```bash
$ ansible -m shell -a 'mdatp --connectivity-test' all $ ansible -m shell -a 'mdatp connectivity test' all
$ ansible -m shell -a 'mdatp --health' all $ ansible -m shell -a 'mdatp health' all
``` ```
- Uninstallation: - Uninstallation:

View File

@ -174,10 +174,10 @@ Enrolled agent devices periodically poll the Puppet Server, and install new conf
On the agent machine, you can also check the onboarding status by running: On the agent machine, you can also check the onboarding status by running:
```bash ```bash
$ mdatp --health $ mdatp health
... ...
licensed : true licensed : true
orgId : "[your organization identifier]" org_id : "[your organization identifier]"
... ...
``` ```
@ -190,7 +190,7 @@ orgId : "[your organization identifier]"
You can check that devices have been correctly onboarded by creating a script. For example, the following script checks enrolled devices for onboarding status: You can check that devices have been correctly onboarded by creating a script. For example, the following script checks enrolled devices for onboarding status:
```bash ```bash
mdatp --health healthy mdatp health --field healthy
``` ```
The above command prints `1` if the product is onboarded and functioning as expected. The above command prints `1` if the product is onboarded and functioning as expected.

View File

@ -53,7 +53,7 @@ You can configure how PUA files are handled from the command line or from the ma
In Terminal, execute the following command to configure PUA protection: In Terminal, execute the following command to configure PUA protection:
```bash ```bash
$ mdatp --threat --type-handling potentially_unwanted_application [off|audit|block] $ mdatp threat policy set --type potentially_unwanted_application --action [off|audit|block]
``` ```
### Use the management console to configure PUA protection: ### Use the management console to configure PUA protection:

View File

@ -31,29 +31,24 @@ If you can reproduce a problem, please increase the logging level, run the syste
1. Increase logging level: 1. Increase logging level:
```bash ```bash
$ mdatp --log-level verbose $ mdatp log level set --level verbose
Creating connection to daemon Log level configured successfully
Connection established
Operation succeeded
``` ```
2. Reproduce the problem. 2. Reproduce the problem.
3. Run `sudo mdatp --diagnostic --create` to backup Microsoft Defender ATP's logs. The files will be stored inside of a .zip archive. This command will also print out the file path to the backup after the operation succeeds: 3. Run `sudo mdatp diagnostic create` to backup Microsoft Defender ATP's logs. The files will be stored inside of a .zip archive. This command will also print out the file path to the backup after the operation succeeds:
```bash ```bash
$ sudo mdatp --diagnostic --create $ sudo mdatp diagnostic create
Creating connection to daemon Diagnostic file created: <path to file>
Connection established
``` ```
4. Restore logging level: 4. Restore logging level:
```bash ```bash
$ mdatp --log-level info $ mdatp log level set --level info
Creating connection to daemon Log level configured successfully
Connection established
Operation succeeded
``` ```
## Log installation issues ## Log installation issues
@ -78,21 +73,22 @@ Important tasks, such as controlling product settings and triggering on-demand s
|Group |Scenario |Command | |Group |Scenario |Command |
|-------------|-------------------------------------------|-----------------------------------------------------------------------| |-------------|-------------------------------------------|-----------------------------------------------------------------------|
|Configuration|Turn on/off real-time protection |`mdatp --config realTimeProtectionEnabled [true/false]` | |Configuration|Turn on/off real-time protection |`mdatp config real_time_protection --value [enabled|disabled]` |
|Configuration|Turn on/off cloud protection |`mdatp --config cloudEnabled [true/false]` | |Configuration|Turn on/off cloud protection |`mdatp config cloud --value [enabled|disabled]` |
|Configuration|Turn on/off product diagnostics |`mdatp --config cloudDiagnosticEnabled [true/false]` | |Configuration|Turn on/off product diagnostics |`mdatp config cloud-diagnostic --value [enabled|disabled]` |
|Configuration|Turn on/off automatic sample submission |`mdatp --config cloudAutomaticSampleSubmission [true/false]` | |Configuration|Turn on/off automatic sample submission |`mdatp config cloud-automatic-sample-submission [enabled|disabled]` |
|Configuration|Turn on PUA protection |`mdatp --threat --type-handling potentially_unwanted_application block`| |Configuration|Turn on/off AV passive mode |`mdatp config passive-mode [enabled|disabled]` |
|Configuration|Turn off PUA protection |`mdatp --threat --type-handling potentially_unwanted_application off` | |Configuration|Turn on PUA protection |`mdatp threat policy set --type potentially_unwanted_application --action block` |
|Configuration|Turn on audit mode for PUA protection |`mdatp --threat --type-handling potentially_unwanted_application audit`| |Configuration|Turn off PUA protection |`mdatp threat policy set --type potentially_unwanted_application --action off` |
|Diagnostics |Change the log level |`mdatp --log-level [error/warning/info/verbose]` | |Configuration|Turn on audit mode for PUA protection |`mdatp threat policy set --type potentially_unwanted_application --action audit` |
|Diagnostics |Generate diagnostic logs |`mdatp --diagnostic --create` | |Diagnostics |Change the log level |`mdatp log level set --level verbose [error|warning|info|verbose]` |
|Health |Check the product's health |`mdatp --health` | |Diagnostics |Generate diagnostic logs |`mdatp diagnostic create` |
|Protection |Scan a path |`mdatp --scan --path [path]` | |Health |Check the product's health |`mdatp health` |
|Protection |Do a quick scan |`mdatp --scan --quick` | |Protection |Scan a path |`mdatp scan custom --path [path]` |
|Protection |Do a full scan |`mdatp --scan --full` | |Protection |Do a quick scan |`mdatp scan quick` |
|Protection |Cancel an ongoing on-demand scan |`mdatp --scan --cancel` | |Protection |Do a full scan |`mdatp scan full` |
|Protection |Request a security intelligence update |`mdatp --definition-update` | |Protection |Cancel an ongoing on-demand scan |`mdatp scan cancel` |
|Protection |Request a security intelligence update |`mdatp definitions update` |
## Microsoft Defender ATP portal information ## Microsoft Defender ATP portal information
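Review bot: Two of the new table rows drop `--value` (`mdatp config cloud-automatic-sample-submission [enabled|disabled]` and `mdatp config passive-mode [enabled|disabled]`) while the other `config` rows keep it, and the log level row reads `--level verbose [error|warning|info|verbose]` with a stray `verbose` ahead of the choices. Make these rows consistent with the syntax the CLI accepts. The switch from `/` to `|` inside the cells also needs escaping as `\|`, because GitHub-flavored Markdown treats an unescaped pipe in a table cell as a column separator even inside a code span. The AV passive mode row is new content rather than a syntax update, so it deserves a mention in the commit message.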

View File

@ -29,7 +29,7 @@ ms.topic: conceptual
To test if Microsoft Defender ATP for Linux can communicate to the cloud with the current network settings, run a connectivity test from the command line: To test if Microsoft Defender ATP for Linux can communicate to the cloud with the current network settings, run a connectivity test from the command line:
```bash ```bash
$ mdatp --connectivity-test $ mdatp connectivity test
``` ```
If the connectivity test fails, check if the machine has Internet access and if [any of the endpoints required by the product](microsoft-defender-atp-linux.md#network-connections) are blocked by a proxy or firewall. If the connectivity test fails, check if the machine has Internet access and if [any of the endpoints required by the product](microsoft-defender-atp-linux.md#network-connections) are blocked by a proxy or firewall.
@ -84,7 +84,7 @@ $ sudo systemctl daemon-reload; sudo systemctl restart mdatp
Upon success, attempt another connectivity test from the command line: Upon success, attempt another connectivity test from the command line:
```bash ```bash
$ mdatp --connectivity-test $ mdatp connectivity test
``` ```
If the problem persists, contact customer support. If the problem persists, contact customer support.

View File

@ -116,6 +116,7 @@ and try again.
If none of the above steps help, collect the diagnostic logs: If none of the above steps help, collect the diagnostic logs:
```bash ```bash
$ sudo mdatp --diagnostic --create $ sudo mdatp diagnostic create
Diagnostic file created: <path to file>
``` ```
Path to a zip file that contains the logs will be displayed as an output. Reach out to our customer support with these logs. Path to a zip file that contains the logs will be displayed as an output. Reach out to our customer support with these logs.

View File

@ -36,7 +36,8 @@ The following steps can be used to troubleshoot and mitigate these issues:
If your device is not managed by your organization, real-time protection can be disabled from the command line: If your device is not managed by your organization, real-time protection can be disabled from the command line:
```bash ```bash
$ mdatp --config realTimeProtectionEnabled false $ mdatp config real-time-protection --value disabled
Configuration property updated
``` ```
If your device is managed by your organization, real-time protection can be disabled by your administrator using the instructions in [Set preferences for Microsoft Defender ATP for Linux](linux-preferences.md). If your device is managed by your organization, real-time protection can be disabled by your administrator using the instructions in [Set preferences for Microsoft Defender ATP for Linux](linux-preferences.md).
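Review bot: The property is spelled `real-time-protection` in this command, but the resources table updated in this commit uses `mdatp config real_time_protection --value [enabled|disabled]`. Align the two on the spelling the CLI accepts so a reader copying from either page gets a working command.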
@ -49,19 +50,20 @@ The following steps can be used to troubleshoot and mitigate these issues:
This feature is enabled by default on the `Dogfood` and `InsisderFast` channels. If you're using a different update channel, this feature can be enabled from the command line: This feature is enabled by default on the `Dogfood` and `InsisderFast` channels. If you're using a different update channel, this feature can be enabled from the command line:
```bash ```bash
$ mdatp config real_time_protection_statistics_enabled on $ mdatp config real-time-protection-statistics --value enabled
``` ```
This feature requires real-time protection to be enabled. To check the status of real-time protection, run the following command: This feature requires real-time protection to be enabled. To check the status of real-time protection, run the following command:
```bash ```bash
$ mdatp health $ mdatp health --field real_time_protection_enabled
``` ```
Verify that the `real_time_protection_enabled` entry is `true`. Otherwise, run the following command to enable it: Verify that the `real_time_protection_enabled` entry is `true`. Otherwise, run the following command to enable it:
```bash ```bash
$ mdatp --config realTimeProtectionEnabled true $ mdatp config real-time-protection --value enabled
Configuration property updated
``` ```
To collect current statistics, run: To collect current statistics, run:
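Review bot: The context line that introduces the statistics command names the channel `InsisderFast`, which looks like a misspelling of `InsiderFast`; since this hunk already rewrites the surrounding lines, fix it here. The statistics command is also the only `mdatp config` example in this file left without the `Configuration property updated` output line, so add it if the command prints it.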