
AMSI detecting system center opsmgr/cfgmng scripts as malware.

Tony Roth
Occasional Contributor

We import all the system logs, including PowerShell logs, into a SIEM solution that's based on $/GB, but both SCCM and SCOM run PowerShell scripts that get detected as malware, which is overwhelming our storage and increasing costs. I think there are many different ways to resolve this, not sure which is best, but was wondering if there was a way to manipulate these detections via the AMSI within Defender?

thanks
