Forum Discussion
Solved
Help with machine is using out of date antimalware client version in the organization script
This is the script provided by Microsoft to know which machine is using out of date antimalware client version in the organization: //check the antimalware client version DeviceFileEvents |wher...
- That didn't work, but thanks for trying. I managed to find another way to fix the issue. As the device name also contains the UPN, I used the follow example to get it to work:
|where FileName == "MsMpEng.exe" and DeviceName contains "contoso"
Hi AnuragSrivastava,
Thanks for this, I noticed the extra line further down "| where AccountDomain contains "bp") on PlatformVersion" was that a typo?
I removed and tried, but no luck, btw the reason I had used 'InitiatingProcessAccountDomain' is because that field in a previous script displayed the domain that I was looking for.
Many Thanks
Thanks for this, I noticed the extra line further down "| where AccountDomain contains "bp") on PlatformVersion" was that a typo?
I removed and tried, but no luck, btw the reason I had used 'InitiatingProcessAccountDomain' is because that field in a previous script displayed the domain that I was looking for.
Many Thanks
AmjadGov
That was just a dummy keyword for domain name. Presently I could also "nt authority" in the domain name field and not the actual domain name.
That was just a dummy keyword for domain name. Presently I could also "nt authority" in the domain name field and not the actual domain name.
- That didn't work, but thanks for trying. I managed to find another way to fix the issue. As the device name also contains the UPN, I used the follow example to get it to work:
|where FileName == "MsMpEng.exe" and DeviceName contains "contoso"