The following table provides information on the values returned when you run the mdatp health command and their corresponding descriptions. TABLE 1 Value Description automatic_definition_update_enabled True if automatic antivirus definition updates are enabled, false otherwise. cloud_automatic_sample_submission_consent Current sample submission level. Can be one of the following values: None: No suspicious samples are submitted to Microsoft. Safe: Only […]
To run an update on Microsoft Defender for Endpoint on Linux, see Deploy updates for Microsoft Defender for Endpoint on Linux. Linux (and Unix) have a tool called crontab (similar to Task Scheduler) to be able to run scheduled tasks. Pre-requisite Note To get a list of all the time zones, run the following command: timedatectl list-timezones Examples for […]
Linux (and Unix) have a tool called crontab (similar to Task Scheduler) to be able to run scheduled tasks. Pre-requisite Note To get a list of all the time zones, run the following command: timedatectl list-timezones Examples for timezones: America/Los_Angeles America/New_York America/Chicago America/Denver To set the Cron job Use the following commands: Backup crontab entries BashCopy sudo crontab […]
The potentially unwanted application (PUA) protection feature in Defender for Endpoint on Linux can detect and block PUA files on endpoints in your network. These applications are not considered viruses, malware, or other types of threats, but might perform actions on endpoints that adversely affect their performance or use. PUA can also refer to applications […]
Important This topic contains instructions for how to set preferences for Defender for Endpoint on Linux in enterprise environments. If you are interested in configuring the product on a device from the command-line, see Resources. In enterprise environments, Defender for Endpoint on Linux can be managed through a configuration profile. This profile is deployed from the […]
Microsoft Defender for Endpoint can discover a proxy server using the HTTPS_PROXY environment variable. This setting must be configured both at installation time and after the product has been installed. Installation time configuration During installation, the HTTPS_PROXY environment variable must be passed to the package manager. The package manager can read this variable in any of the following ways: The HTTPS_PROXY variable is […]
This article provides information on how to define exclusions that apply to on-demand scans, and real-time protection and monitoring. Important The exclusions described in this article don’t apply to other Defender for Endpoint on Linux capabilities, including endpoint detection and response (EDR). Files that you exclude using the methods described in this article can still […]
Microsoft regularly publishes software updates to improve performance, security, and to deliver new features. Warning Each version of Defender for Endpoint on Linux has an expiration date, after which it will no longer continue to protect your device. You must update the product prior to this date. To check the expiration date, run the following […]
Before you begin: Install unzip if it’s not already installed. The Chef components are already installed and a Chef repository exists (chef generate repo <reponame>) to store the cookbook that will be used to deploy to Defender for Endpoint on Chef managed Linux servers. You can create a new cookbook in your existing repository by […]
This article describes how to deploy Defender for Endpoint on Linux using Ansible. A successful deployment requires the completion of all of the following tasks: Download the onboarding package Create Ansible YAML files Deployment References Prerequisites and system requirements Before you get started, see the main Defender for Endpoint on Linux page for a description of prerequisites […]