Commit e1973c9

Update run-analyzer-macos-linux.md
1 parent f5e6196 commit e1973c9

1 file changed

+1
-38
lines changed

defender-endpoint/run-analyzer-macos-linux.md

Lines changed: 1 addition & 38 deletions
@@ -266,7 +266,7 @@ The files generated when using this mode:
266266
| auditd_log_analysis.txt | Summary of events processed by auditd |
267267
| auditd_logs.zip | Auditd log files |
268268
| ebpf_kernel_config.txt | Currently loaded Linux Kernel config |
269-
| ebpf_enabled_func.txt | List of --------- |
269+
| ebpf_enabled_func.txt | List of all the kernel functions that are currently enabled for tracing |
270270
| ebpf_syscalls.zip | Information about system call tracing |
271271
| ebpf_raw_syscalls.zip | Tracing events related to raw system calls |
272272
| ebpf_maps_info.txt | eBPF maps' id and size info |
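Review bot: On the `ebpf_enabled_func.txt` row (line 269), the new description is wordier than the rows around it and "all the" adds nothing; something like "Kernel functions currently enabled for tracing" would match the terse style of the `ebpf_kernel_config.txt` and `ebpf_maps_info.txt` rows. The old text was an unfilled placeholder ("List of ---------"), so it is also worth checking the rest of this table for similar leftovers while you are here.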
@@ -456,41 +456,4 @@ Usage example: `sudo ./mde_support_tool.sh skipfaultyrules -e true`
456456
> [!NOTE]
457457
> This functionality will be skipping the faulty rules. The faulty rule then needs to be further identified and fixed.
458458
459-
## Result package contents on macOS and Linux
460-
461-
- report.html
462-
463-
Description: The main HTML output file that contains the findings and guidance from running the client analyzer tool on the device. This file is only generated when running the Python-based version of the client analyzer tool.
464-
465-
- mde_diagnostic.zip
466-
467-
Description: Same diagnostic output that gets generated when running *mdatp diagnostic create* on either [macOS](mac-resources.md#collecting-diagnostic-information) or [Linux](linux-resources.md#collect-diagnostic-information).
468-
469-
- mde.xml
470-
471-
Description: XML output that is generated while running and is used to build the html report file.
472-
473-
- Processes_information.txt
474-
475-
Description: contains the details of the running Microsoft Defender for Endpoint related processes on the system.
476-
477-
- Log.txt
478-
479-
Description: contains the same log messages written on screen during the data collection.
480-
481-
- Health.txt
482-
483-
Description: The same basic health output that is shown when running *mdatp health* command.
484-
485-
- Events.xml
486-
487-
Description: Additional XML file used by the analyzer when building the HTML report.
488-
489-
- Audited_info.txt
490-
491-
Description: details on audited service and related components for [Linux](linux-resources.md) OS.
492-
493-
- perf_benchmark.tar.gz
494-
495-
Description: The performance test reports. You'll see this only if you're using the performance parameter.
496459
[!INCLUDE [Microsoft Defender for Endpoint Tech Community](../includes/defender-mde-techcommunity.md)]
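Review bot: Lines 459-495 delete the entire "Result package contents on macOS and Linux" section, but the commit title ("Update run-analyzer-macos-linux.md") gives no reason for it and the only addition in this commit is the one table row at line 269. Nothing visible in this diff shows that report.html, mde_diagnostic.zip, mde.xml, Health.txt or perf_benchmark.tar.gz are described elsewhere in the file, and the deleted text also carried the cross-links to the diagnostic collection sections in mac-resources.md and linux-resources.md. Please confirm that the earlier "files generated" tables cover each of these files and keep the links there, or leave the section in place; if the removal is intentional, say so in the commit message so that someone triaging a support package can find where the file descriptions moved.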