Skip to content

Commit 6bcfaa3

Browse files
denisebmsftdenisebmsft
committed
Update exposed-apis-full-sample-powershell.md
1 parent 0c5f31b commit 6bcfaa3

File tree

1 file changed

+12
-9
lines changed

1 file changed

+12
-9
lines changed

defender-endpoint/api/exposed-apis-full-sample-powershell.md

Lines changed: 12 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -30,7 +30,7 @@ search.appverid: met150
3030
- [Microsoft Defender for Business](/defender-business)
3131

3232
> [!IMPORTANT]
33-
> Advanced hunting capabilities are not included in Defender for Business.
33+
> Advanced hunting capabilities aren't included in Defender for Business.
3434
3535
> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://go.microsoft.com/fwlink/p/?linkid=2225630&clcid=0x409&culture=en-us&country=us)
3636
@@ -51,8 +51,10 @@ In this section, we share PowerShell samples to
5151

5252
## Preparation instructions
5353

54-
- Open a PowerShell window.
55-
- If your policy doesn't allow you to run the PowerShell commands, you can run the below command:
54+
1. Open a PowerShell window.
55+
56+
2. If your policy doesn't allow you to run the PowerShell commands, you can run the following command:
57+
5658
```
5759
Set-ExecutionPolicy -ExecutionPolicy Bypass
5860
```
@@ -61,13 +63,12 @@ For more information, see [PowerShell documentation](/powershell/module/microsof
6163

6264
## Get token
6365

64-
Run the below:
65-
66-
- $tenantId: ID of the tenant on behalf of which you want to run the query (that is, the query is run on the data of this tenant)
67-
- $appId: ID of your Microsoft Entra app (the app must have 'Run advanced queries' permission to Defender for Endpoint)
68-
- $appSecret: Secret of your Microsoft Entra app
66+
Run the following command, using your information as follows:
6967

70-
- $suspiciousUrl: The URL
68+
- `$tenantId`: ID of the tenant on behalf of which you want to run the query (that is, the query is run on the data of this tenant)
69+
- `$appId`: ID of your Microsoft Entra app (the app must have 'Run advanced queries' permission to Defender for Endpoint)
70+
- `$appSecret`: Secret of your Microsoft Entra app
71+
- `$suspiciousUrl`: The URL
7172

7273

7374
```
@@ -132,7 +133,9 @@ $response
132133

133134

134135
## See also
136+
135137
- [Microsoft Defender for Endpoint APIs](apis-intro.md)
136138
- [Advanced Hunting API](run-advanced-query-api.md)
137139
- [Advanced Hunting using Python](run-advanced-query-sample-python.md)
140+
138141
[!INCLUDE [Microsoft Defender for Endpoint Tech Community](../../includes/defender-mde-techcommunity.md)]

0 commit comments

Comments
 (0)