Forum Discussion

marc190511's avatar
marc190511
Copper Contributor
Jun 25, 2024

Microsoft Defender ON Linux VM - Exit Codes

Hello    We have installed Azure Defender on a Linux VM and need to run a custom virus scan from a bash script. Our goal is to scan a file and identify any threats.   We have successfully impleme...
AdelAlDabbas's avatar
AdelAlDabbas
Icon for Microsoft rankMicrosoft
Jun 26, 2024

Hello marc190511 ,

 

When MDATP is active, and real time protection is enabled, there will be no need for the custom scan as files will be scanned as soon as the files land.

 

For Threat Identification, Defender for Endpoint notifies you of possible malicious events, attributes, and contextual information through alerts in the security portal (security.microsoft.com).

If you want something local on the device, you can use "mdatp threat list". For configuration/quarantine management, please refer to the supported commands: Microsoft Defender for Endpoint on Linux resources - Microsoft Defender for Endpoint | Microsoft Learn

 

If the bash script runs immediately, you might run into file access issues as it will be locked. Best approach is to test this first - you might have to slightly delay the bash script.

 

Best regards,

Adel

Resources