You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: defender-endpoint/microsoft-defender-endpoint-linux.md
+10-10Lines changed: 10 additions & 10 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -147,8 +147,8 @@ You can use one of the following methods to deploy Microsoft Defender for Endpoi
147
147
If you experience any installation failures, see [Troubleshooting installation failures in Microsoft Defender for Endpoint on Linux](linux-support-install.md).
148
148
149
149
> [!IMPORTANT]
150
-
> Installing Microsoft Defender for Endpoint in any location other than the default install path is not supported.
151
-
> Microsoft Defender for Endpoint on Linux creates an `mdatp` user with random UID and GID. If you want to control the UID and GID, create an `mdatp` user prior to installation using the `/usr/sbin/nologin` shell option. Here's an example: `mdatp:x:UID:GID::/home/mdatp:/usr/sbin/nologin`.
150
+
> Installing Microsoft Defender for Endpoint in any location other than the default install path isn't supported.
151
+
> Microsoft Defender for Endpoint on Linux creates an `mdatp` user with random UID and GID. If you want to control the UID and GID, create an `mdatp` user before installation using the `/usr/sbin/nologin` shell option. Here's an example: `mdatp:x:UID:GID::/home/mdatp:/usr/sbin/nologin`.
152
152
153
153
### External package dependency
154
154
@@ -159,16 +159,16 @@ If the Microsoft Defender for Endpoint installation fails due to missing depende
159
159
- For DEBIAN the mdatp package requires `libc6 >= 2.23`, `uuid-runtime`, and `mde-netfilter`
160
160
161
161
> [!NOTE]
162
-
> Starting with version `101.24082.0004`, Defender for Endpoint on Linux no longer supports the `Auditd` event provider. We're transitioning completely to the more efficient eBPF technology.
163
-
> If eBPF is not supported on your machines, or if there are specific requirements to remain on Auditd, and your machines are using Defender for Endpoint on Linux version `101.24072.0001` or lower, the following additional dependency on the auditd package exists for mdatp:
162
+
> Beginning with version `101.24082.0004`, Defender for Endpoint on Linux no longer supports the `Auditd` event provider. We're transitioning completely to the more efficient eBPF technology.
163
+
> If eBPF isn't supported on your machines, or if there are specific requirements to remain on Auditd, and your machines are using Defender for Endpoint on Linux version `101.24072.0001` or older, the following additional dependency on the auditd package exists for mdatp:
164
164
> - The mdatp RPM package requires `audit`, `semanage`.
165
-
> - For DEBIAN the mdatp package requires `auditd`.
166
-
> - For Mariner the mdatp package requires `audit`.
165
+
> - For DEBIAN, the mdatp package requires `auditd`.
166
+
> - For Mariner, the mdatp package requires `audit`.
167
167
168
168
The`mde-netfilter` package also has the following package dependencies:
169
169
170
-
- For DEBIAN the mde-netfilter package requires `libnetfilter-queue1`, and `libglib2.0-0`
171
-
- For RPM the mde-netfilter package requires `libmnl`, `libnfnetlink`, `libnetfilter_queue`, and `glib2`
170
+
- For DEBIAN, the mde-netfilter package requires `libnetfilter-queue1`, and `libglib2.0-0`
171
+
- For RPM, the mde-netfilter package requires `libmnl`, `libnfnetlink`, `libnetfilter_queue`, and `glib2`
172
172
173
173
### Configuring Exclusions
174
174
@@ -186,8 +186,8 @@ Defender for Endpoint on Linux can connect through a proxy server by using the f
186
186
If a proxy or firewall is blocking anonymous traffic, make sure that anonymous traffic is permitted in the previously listed URLs. For transparent proxies, no another configuration is needed for Defender for Endpoint. For static proxy, follow the steps in [Manual Static Proxy Configuration](linux-static-proxy-configuration.md).
187
187
188
188
> [!WARNING]
189
-
> PAC, WPAD, and authenticated proxies are not supported. Ensure that only a static proxy or transparent proxy is being used.
190
-
> SSL inspection and intercepting proxies are also not supported for security reasons. Configure an exception for SSL inspection and your proxy server to directly pass through data from Defender for Endpoint on Linux to the relevant URLs without interception. Adding your interception certificate to the global store will not allow for interception.
189
+
> PAC, WPAD, and authenticated proxies aren't supported. Ensure that only a static proxy or transparent proxy is being used.
190
+
> SSL inspection and intercepting proxies are also not supported for security reasons. Configure an exception for SSL inspection and your proxy server to directly pass through data from Defender for Endpoint on Linux to the relevant URLs without interception. Adding your interception certificate to the global store won't allow for interception.
191
191
192
192
For troubleshooting steps, see [Troubleshoot cloud connectivity issues for Microsoft Defender for Endpoint on Linux](linux-support-connectivity.md).
0 commit comments