You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: defender-endpoint/use-client-analyzer.md
+2-3Lines changed: 2 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -27,17 +27,16 @@ Use the categories listed in the table to identify the type of issue you're expe
27
27
28
28
|Issue |Description and examples |Flags |
29
29
|---------|---------|---------|
30
-
|Issues that can't be reproduced |Issues that occur sporadically or are triggered by automated processes and can't be reproduced. This includes problems related to scheduled tasks such as automatic updates and scans, and Attack Surface Reduction (ARS) rules triggered unpredictably. | Run without flags |
30
+
|Issues that can't be reproduced |Issues that occur sporadically or are triggered by automated processes and can't be reproduced. This includes problems related to scheduled tasks such as automatic updates and scans, and Attack Surface Reduction (ASR) rules triggered unpredictably. | Run without flags |
31
31
|Performance issues that can be reproduced |High CPU usage, memory consumption problems, and slow response times. |`-a` and `-v`|
32
-
|General |On-demand scans, manual updates, sense portal and alert issues, Azure Site Recovery (ASR) issues that can be triggered on command, and app compatibility problems. |`-e` and `-v`|
32
+
|General |On-demand scans, manual updates, sense portal and alert issues, Attack Surface Reduction (ASR) issues that can be triggered on command, and app compatibility problems. |`-e` and `-v`|
33
33
|Hanging systems |Unresponsive systems and freezes. Require advanced debugging techniques including memory dumps and crash analysis. |`-z`|
34
34
|Compatibility |Issues with third-party applications, other security solutions, system software, performance problems, and functional issues. |`-c`, `-e` and `-v`|
35
35
|Controlled Folder Access (CFA) |Include blocked applications, unexpected access permissions, and issues related to protected folders configuration. |Reproducible: `-cfa`, `-e` and `-v`</br>Nonreproducible: `-cfa`|
36
36
|Data Loss Prevention (DLP) |Include policy enforcement problems, content detection false positives and negatives, and DLP client health and connectivity issues. |Reproducible: `-e`, `-t` and `-v`</br>Nonreproducible: `-t`|
37
37
|Indicator |Include problems with URLs, domains, IP addresses, files, and certificates that aren't enforced as expected. |URL, IP, domain in first-party browser: `-a`, `-i` and `-v`</br>File indicator: `-v`|
38
38
|Web Content Filtering (WCF) |Unenforced WCF policy when accessing web content using first and third party browsers. |`-a`, `-i` and `-v`|
39
39
|Network protection |Network protection doesn't trigger configured policies when URLs, domains, and IPs are accessed through third-party browsers. |`-i` and `-v`|
40
-
|Device control |Issues related to device control and blocking USB devices. |`-v` with a five-minute limit. Then reproduce with a USB that's working as expected. |
0 commit comments