Forum Discussion
Azure Arc Machine still showing in Security Recommendations after Deletion
I removed the extensions then removed the Machine from Azure Arc. Even deleted all of the folders associated with the agent. However, the machine still shows up in our Security Recommendations in Defender. The recommendation is for Vulnerabilities in security configuration on your Windows machines should be remediated (powered by Guest Configuration).
I guess something was missed during the delete process of the machine? How do I get this recommendation to stop showing. The machine is deleted.
Thank you
3 Replies
It seems the machine's metadata is still in Azure Defender, even after deletion. To resolve this:
- Check Defender for Cloud inventory and manually remove the machine if listed.
- Rescan resources in Defender to update the records.
- Wait for a system refresh, as it might take time for changes to propagate.
Reference URL: https://learn.microsoft.com/en-us/azure/defender-for-cloud/
Hi HmeltonAppDev ,
You can define an exception rule for this server.
Quick shot, I know...
The link to the Microsoft documentation to create an exception: https://learn.microsoft.com/en-gb/azure/defender-for-cloud/exempt-resource
I'm curious 🙂 If you search for the server in the Azure portal, there will be no more entry?
Best regards,
Matthias
- Today bothe servers were not in the Recommendations. I guess it takes longer than 24 hours to refresh.
