Merge branch 'main' into docs-editor/linux-exclusions-1749145799

Ruchika-mittal01 · web-flow · commit d119df81b93e · 2025-06-06T22:46:42.000+05:30
diff --git a/defender-endpoint/collect-diagnostic-data.md b/defender-endpoint/collect-diagnostic-data.md
@@ -6,7 +6,7 @@ ms.localizationpriority: medium
 author: emmwalshh
 ms.author: ewalsh
 ms.custom: nextgen
-ms.date: 04/04/2025
+ms.date: 06/06/2025
 ms.reviewer: pahuijbr, yongrhee
 manager: deniseb
 ms.subservice: ngp
@@ -26,13 +26,9 @@ search.appverid: met150
 **Applies to:**
 
 - [Microsoft Defender for Endpoint Plan 2](microsoft-defender-endpoint.md)
-
 - [Microsoft Defender for Business](https://www.microsoft.com/security/business/endpoint-security/microsoft-defender-business)
-
 - [Microsoft Defender for Endpoint Plan 1](microsoft-defender-endpoint.md)
-
 - Microsoft Defender Antivirus
-
 - [Microsoft Defender for Individuals](https://www.microsoft.com/microsoft-365/microsoft-defender-for-individuals)
 
 This article describes how to collect diagnostic data that's used by Microsoft support and engineering teams when they help troubleshoot issues with Microsoft Defender Antivirus.
@@ -48,23 +44,26 @@ On at least two devices that are experiencing the same issue, obtain the `.cab`
 
 1. Open Command Prompt as an administrator by following these steps:
 
-    a. Open the **Start** menu.
-
-    b. Type **cmd**. Right-click on **Command Prompt** and then select **Run as administrator**.
-
-    c. Specify administrator credentials or approve the prompt.
-
+   a. Open the **Start** menu.
+   
+   b. Type **cmd**. Right-click on **Command Prompt** and then select **Run as administrator**.
+   
+   c. Specify administrator credentials or approve the prompt.
+   
 1. Navigate to the directory for Microsoft Defender Antivirus: 
 
    `cd C:\ProgramData\Microsoft\Windows Defender\Platform\<version>`
-
+   
    Where `<version>` is the actual version that starts with `4.18.2xxxx.x`
    
+> [!NOTE]
+> `C:\ProgramData` is a hidden folder. If you don't have a folder that starts with `4.18.2xxxx.x` in `C:\ProgramData\Microsoft\Windows Defender\Platform\`, then you will need to go to `C:\Program Files\Windows Defender\`.
+
 1. Type the following command, and then press **Enter**
 
-    ```Dos
-    mpcmdrun.exe -GetFiles
-    ```
+   ```Dos
+   mpcmdrun.exe -GetFiles
+   ```
 
 4. A `.cab` file is generated that contains various diagnostic logs. The location of the file is specified in the output in the command prompt. By default, the location is `C:\ProgramData\Microsoft\Windows Defender\Support\MpSupportFiles.cab`.
 
@@ -87,7 +86,7 @@ mpcmdrun.exe -GetFiles -SupportLogLocation <path>
 
 Copies the diagnostic data to the specified path. If the path isn't specified, the diagnostic data is copied to the location specified in the Support Log Location Configuration.
 
-When the SupportLogLocation parameter is used, a folder structure like as follows will be created in the destination path:
+When the `SupportLogLocation` parameter is used, a folder structure like as follows will be created in the destination path:
 
 ```Dos
 <path>\<MMDD>\MpSupport-<hostname>-<HHMM>.cab
@@ -122,7 +121,8 @@ You can also specify where the diagnostic `.cab` file is created using a Group P
 3. Inside the policy editor, select **Enabled**.
 
 4. Specify the directory path where you want to copy the support log files in the **Options** field.
-   :::image type="content" source="media/GPO3-SupportLogLocationGPPageEnabledExample.png" alt-text="The Enabled directory path custom setting" lightbox="media/GPO3-SupportLogLocationGPPageEnabledExample.png":::
+   
+   :::image type="content" source="media/GPO3-SupportLogLocationGPPageEnabledExample.png" alt-text="Screenshot showing the enabled directory path custom setting." lightbox="media/GPO3-SupportLogLocationGPPageEnabledExample.png":::
 
 5. Select **OK** or **Apply**.
 
@@ -142,7 +142,7 @@ You can also specify where the diagnostic `.cab` file is created using a Group P
 >
 > You can use the information gathered using Performance analyzer to better assess performance issues and apply remediation actions. 
 > See: [Performance analyzer for Microsoft Defender Antivirus](tune-performance-defender-antivirus.md).
->
+
 
 ## See also
 
diff --git a/defender-endpoint/live-response-command-examples.md b/defender-endpoint/live-response-command-examples.md
@@ -11,7 +11,7 @@ ms.collection:
 - m365-security
 - tier3
 - mde-edr
-ms.topic: conceptual
+ms.topic: reference
 ms.subservice: edr
 search.appverid: met150
 ms.date: 01/24/2025
diff --git a/defender-endpoint/msda-updates-previous-versions-technical-upgrade-support.md b/defender-endpoint/msda-updates-previous-versions-technical-upgrade-support.md
@@ -13,7 +13,7 @@ ms.collection:
 - m365-security
 - tier1
 - mde-ngp
-ms.topic: conceptual
+ms.topic: reference
 ms.subservice: ngp
 search.appverid: met150
 ---
diff --git a/defender-endpoint/review-detected-threats.md b/defender-endpoint/review-detected-threats.md
@@ -11,7 +11,7 @@ ms.collection:
 - m365-security
 - tier2
 - mde-edr
-ms.topic: conceptual
+ms.topic: how-to
 ms.date: 06/21/2024
 ms.subservice: edr
 search.appverid: met150
diff --git a/defender-office-365/email-analysis-investigations.md b/defender-office-365/email-analysis-investigations.md
@@ -6,7 +6,7 @@ author: dansimp
 ms.author: dansimp
 manager: deniseb
 audience: ITPro
-ms.topic: conceptual
+ms.topic: how-to
 ms.localizationpriority: medium
 search.appverid:
 - MET150
diff --git a/defender-xdr/integrate-microsoft-365-defender-secops-plan.md b/defender-xdr/integrate-microsoft-365-defender-secops-plan.md
@@ -12,7 +12,7 @@ audience: ITPro
 ms.collection:
   - msftsolution-secops
   - tier2
-ms.topic: conceptual
+ms.topic: how-to
 search.appverid:
   - MOE150
   - MET150
diff --git a/defender-xdr/integrate-microsoft-365-defender-secops-readiness.md b/defender-xdr/integrate-microsoft-365-defender-secops-readiness.md
@@ -12,7 +12,7 @@ audience: ITPro
 ms.collection: 
   - msftsolution-secops
   - tier2
-ms.topic: conceptual
+ms.topic: how-to
 search.appverid: 
   - MOE150
   - MET150
diff --git a/defender-xdr/integrate-microsoft-365-defender-secops-roles.md b/defender-xdr/integrate-microsoft-365-defender-secops-roles.md
@@ -12,7 +12,7 @@ audience: ITPro
 ms.collection: 
   - msftsolution-secops
   - tier2
-ms.topic: conceptual
+ms.topic: how-to
 search.appverid: 
   - MOE150
   - MET150
diff --git a/defender-xdr/integrate-microsoft-365-defender-secops-services.md b/defender-xdr/integrate-microsoft-365-defender-secops-services.md
@@ -12,7 +12,7 @@ audience: ITPro
 ms.collection: 
   - msftsolution-secops
   - tier3
-ms.topic: conceptual
+ms.topic: how-to
 search.appverid: 
   - MOE150
   - MET150
diff --git a/defender-xdr/integrate-microsoft-365-defender-secops-tasks.md b/defender-xdr/integrate-microsoft-365-defender-secops-tasks.md
@@ -12,7 +12,7 @@ audience: ITPro
 ms.collection: 
   - msftsolution-secops
   - tier2
-ms.topic: conceptual
+ms.topic: how-to
 search.appverid: 
   - MOE150
   - MET150
diff --git a/defender-xdr/integrate-microsoft-365-defender-secops-use-cases.md b/defender-xdr/integrate-microsoft-365-defender-secops-use-cases.md
@@ -12,7 +12,7 @@ audience: ITPro
 ms.collection:
   - msftsolution-secops
   - tier2
-ms.topic: conceptual
+ms.topic: how-to
 search.appverid:
   - MOE150
   - MET150
diff --git a/defender-xdr/pilot-deploy-investigate-respond.md b/defender-xdr/pilot-deploy-investigate-respond.md
@@ -18,7 +18,7 @@ ms.collection:
   - zerotrust-solution
   - highpri
   - tier1
-ms.topic: concept-article
+ms.topic: how-to
 #customer intent: To learn how to investigate and respond to attacks using Microsoft Defender XDR.
 appliesto:
    - Microsoft Defender XDR
diff --git a/defender-xdr/setup-m365deval.md b/defender-xdr/setup-m365deval.md
@@ -14,7 +14,7 @@ ms.collection:
   - m365solution-evalutatemtp
   - highpri
   - tier1
-ms.topic: conceptual
+ms.topic: how-to
 ms.date: 06/28/2024
 ---
 
