Merge branch 'main' into v-jmathew-9802641

Author: padmagit77

.openpublishing.redirection.defender-endpoint.json

@@ -114,6 +114,11 @@
       "source_path": "defender-endpoint/comprehensive-guidance-on-linux-deployment.md",
       "redirect_url": "/defender-endpoint/linux-installer-script",
       "redirect_document_id": true
+    },
+    {
+      "source_path": "defender-endpoint/linux-schedule-scan-mde.md",
+      "redirect_url": "/defender-endpoint/schedule-antivirus-scan-crontab",
+      "redirect_document_id": true
     } 
   ]
 }

defender-endpoint/TOC.yml

@@ -296,7 +296,7 @@
                 - name: Schedule antivirus scans using Anacron
                   href: schedule-antivirus-scan-anacron.md
                 - name: Schedule antivirus scans using Crontab
-                  href: linux-schedule-scan-mde.md
+                  href: schedule-antivirus-scan-crontab.md
               - name: Network protection for Linux
                 href: network-protection-linux.md
               - name: Configure and validate exclusions on Linux

defender-endpoint/linux-preferences.md

@@ -36,7 +36,7 @@ Microsoft Defender for Endpoint on Linux includes antivirus, anti-malware protec
 | Settings | Description| 
 |--|--|
 | 1. Configure static proxy discovery. | Configuring a static proxy helps ensure that telemetry is submitted and helps avoid network time-outs. Perform this task during and after your Defender for Endpoint installation. <br/><br/> See [Configure Microsoft Defender for Endpoint on Linux for static proxy discovery](linux-static-proxy-configuration.md). |
-| 2. Configure your antivirus scans. | You can schedule automatic antivirus scans by using either Anacron or Crontab. <br/><br/>See the following articles: <br/>- [Use Anacron to schedule an antivirus scan in Microsoft Defender for Endpoint on Linux](/defender-endpoint/schedule-antivirus-scan-anacron)<br/>- [Use Crontab to schedule an antivirus scan in Microsoft Defender for Endpoint on Linux](/defender-endpoint/linux-schedule-scan-mde) | 
+| 2. Configure your antivirus scans. | You can schedule automatic antivirus scans by using either Anacron or Crontab. <br/><br/>See the following articles: <br/>- [Use Anacron to schedule an antivirus scan in Microsoft Defender for Endpoint on Linux](/defender-endpoint/schedule-antivirus-scan-anacron)<br/>- [Use Crontab to schedule an antivirus scan in Microsoft Defender for Endpoint on Linux](/defender-endpoint/schedule-antivirus-scan-crontab) | 
 | 3. Configure your security settings and policies. | You can use the Microsoft Defender portal (Defender for Endpoint Security Settings Management) or a configuration profile (`.json` file) to configure Defender for Endpoint on Linux. Or, if you prefer, you can use command line to configure certain settings. <br/><br/> See the following articles:<br/>- [Defender for Endpoint Security Settings Management](linux-preferences.md#defender-for-endpoint-security-settings-management) <br/>- [Configuration profile](linux-preferences.md#configuration-profile)<br/>- [Command line](linux-resources.md#configure-from-the-command-line) |
 | 4. Configure and validate exclusions (as appropriate) | You can exclude certain files, folders, processes, and process-opened files from Defender for Endpoint on Linux. Global exclusions apply to real-time protection (RTP), behavior monitoring (BM), and endpoint detection and response (EDR), thus stopping all the associated antivirus detections, EDR alerts, and visibility for the excluded item.<br/><br/>See [Configure and validate exclusions for Microsoft Defender for Endpoint on Linux](linux-exclusions.md).| 
 | 5. Configure the eBPF-based sensor. | The extended Berkeley Packet Filter (eBPF) for Microsoft Defender for Endpoint on Linux is automatically enabled for all customers by default for agent versions `101.23082.0006` and later. It provides supplementary event data for Linux operating systems and helps reduce the possibility of conflicts between applications. <br/><br/>See [Use eBPF-based sensor for Microsoft Defender for Endpoint on Linux](linux-support-ebpf.md). |
@@ -274,7 +274,7 @@ Specifies the enforcement preference of antivirus engine. There are three values
 
 > [!NOTE]
 > Available in Defender for Endpoint version `101.10.72` or later. Default is changed from `real_time` to `passive` in Defender for Endpoint version `101.23062.0001` or later.
-> It is recommended to also use [scheduled scans](/defender-endpoint/linux-schedule-scan-mde) as per requirement.
+> It is recommended to also use [scheduled scans](/defender-endpoint/schedule-antivirus-scan-crontab) as per requirement.
 
 ### Enable or disable behavior monitoring (if RTP is enabled)
 

defender-endpoint/linux-update-mde-linux.md

@@ -79,7 +79,7 @@ And
 0 2 * * sat /bin/mdatp scan quick>~/mdatp_cron_job.log
 ```
 
-See [Schedule scans with Microsoft Defender for Endpoint (Linux)](linux-schedule-scan-mde.md)
+See [Schedule scans with Microsoft Defender for Endpoint (Linux)](schedule-antivirus-scan-crontab.md)
 
 Press "Insert"
 

defender-endpoint/mde-linux-deployment-on-sap.md

@@ -79,7 +79,7 @@ The default configuration option for deployment as an Azure Extension for Antivi
 
 Online Kernel patching tools, such as Ksplice or similar, can lead to unpredictable OS stability if Defender for Endpoint is running. It's recommended to temporarily stop the Defender for Endpoint daemon before performing online Kernel patching. After the Kernel is updated, Defender for Endpoint on Linux can be safely restarted. This action is especially important on large SAP HANA VMs with huge memory contexts.
 
-When Microsoft Defender Antivirus is running with real-time protection, it's no longer required to schedule scans. You should run a scan at least once to set a baseline. Then, if necessary, the Linux crontab is typically used to schedule Microsoft Defender Antivirus scans and log rotation tasks. For more information, see [How to schedule scans with Microsoft Defender for Endpoint (Linux)](linux-schedule-scan-mde.md).
+When Microsoft Defender Antivirus is running with real-time protection, it's no longer required to schedule scans. You should run a scan at least once to set a baseline. Then, if necessary, the Linux crontab is typically used to schedule Microsoft Defender Antivirus scans and log rotation tasks. For more information, see [How to schedule scans with Microsoft Defender for Endpoint (Linux)](schedule-antivirus-scan-crontab.md).
 
 [Endpoint detection and response](overview-endpoint-detection-response.md) (EDR) functionality is active whenever Microsoft Defender for Endpoint on Linux is installed. EDR functionality can be disabled through command line or configuration by using [global exclusions](/defender-endpoint/linux-exclusions#supported-exclusion-scopes). For more information on troubleshooting EDR, see the sections [Useful Commands](#useful-commands) and [Useful Links](#useful-links) (in this article).
 
@@ -173,7 +173,7 @@ The recommended configuration for SAP applications enables real-time interceptio
 
 SAP applications running on older versions of Linux or on hardware that's overloaded might consider using `real_time_protection_enabled = false`. In this case, antivirus scans should be scheduled.
 
-For more information, see [How to schedule scans with Microsoft Defender for Endpoint (Linux)](linux-schedule-scan-mde.md).
+For more information, see [How to schedule scans with Microsoft Defender for Endpoint (Linux)](schedule-antivirus-scan-crontab.md).
 
 Large SAP systems might have more than 20 SAP application servers, each with a connection to the SAPMNT NFS share. Twenty or more application servers simultaneously scanning the same NFS server will likely overload the NFS server. By default, Defender for Endpoint on Linux doesn't scan NFS sources.
 

defender-endpoint/mde-sap-windows-server.md

@@ -266,7 +266,7 @@ Here's a list of what to check:
 
    [EDR in Defender for Endpoint](overview-endpoint-detection-response.md) on Windows might scan SMB shared network file systems. The EDR sensor scans certain files that are identified as interesting for EDR analysis during file modification, delete, and move operations.
 
-   Defender for Endpoint on Linux doesn't scan NFS file systems during [scheduled scans](linux-schedule-scan-mde.md).
+   Defender for Endpoint on Linux doesn't scan NFS file systems during [scheduled scans](schedule-antivirus-scan-crontab.md).
 
 8. **Troubleshoot sense health or reliability issues**. To troubleshoot such issues, use the [Defender for Endpoint client analyzer tool](overview-client-analyzer.md). The Defender for Endpoint client analyzer can be useful when diagnosing sensor health or reliability issues on onboarded Windows, Linux, or Mac devices. Get the latest version of the Defender for Endpoint client analyzer here: [https://aka.ms/MDEClientAnalyzer](https://aka.ms/MDEClientAnalyzer).
 

defender-endpoint/schedule-antivirus-scan-anacron.md

@@ -39,7 +39,7 @@ See the following system requirements needed to schedule Microsoft Defender Anti
 
 ## Scheduling Microsoft Defender Antivirus scan in Red Hat Linux
 
-You can schedule cron jobs to initiate Microsoft Defender Antivirus scans on a schedule. For more information, see [How to schedule scans with Microsoft Defender for Endpoint on Linux](linux-schedule-scan-mde.md). This process works well if the device is always up and running.
+You can schedule cron jobs to initiate Microsoft Defender Antivirus scans on a schedule. For more information, see [How to schedule scans with Microsoft Defender for Endpoint on Linux](schedule-antivirus-scan-crontab.md). This process works well if the device is always up and running.
 
 But if the Linux devices are shut down or offline during the cron schedule, the scan won't run. In these situations, you can use **anacron** to read the timestamp and find the last executed job. If the device was shut down during the scheduled cron job, it needs to wait until the next scheduled time. By using **anacron**, the system will detect the last time the scan was run. If the device didn't run the cron job, it will automatically start it.