You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: defender-endpoint/linux-exclusions.md
+8-1Lines changed: 8 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -55,6 +55,10 @@ Antivirus exclusions can be used to exclude trusted files and processes from rea
55
55
| Antivirus Exclusion | Antivirus engine <br/>*(scope: epp)*| Excludes content from antivirus (AV) scans and on-demand scans.|
56
56
| Global Exclusion | Antivirus and endpoint detections and response engine <br/>*(scope: global)*| Excludes events from real time protection and EDR visibility. Doesn't apply to on-demand scans by default. |
57
57
58
+
> [!IMPORTANT]
59
+
> Global exclusions are not applied to network protection hence alerts generated by network protection will still be visible.
60
+
> For excluding processes from network exclusion please use `mdatp network-protection exclusion`
61
+
58
62
## Supported exclusion types
59
63
60
64
The following table shows the exclusion types supported by Defender for Endpoint on Linux.
@@ -317,12 +321,15 @@ Examples:
317
321
318
322
```bash
319
323
mdatp exclusion process add --name cat --scope epp
320
-
mdatp exclusion process add --name dog --scope global
324
+
mdatp exclusion process add --name /usr/bin/dog --scope global
321
325
```
322
326
323
327
```console
324
328
Process exclusion configured successfully
325
329
```
330
+
331
+
> [!NOTE]
332
+
> Use full path for process exclusion with `global` scope.
326
333
327
334
## Validate exclusions lists with the EICAR test file
0 commit comments