EICAR file is not blocked by Defender for Endpoint on Linux
Hello,
We are testing Microsoft Defender for Endpoint on Linux Ubuntu devices.
I successfully onboarded the machine, it is visible in the Defender portal, and I am able to generate an incident using the test at https://aka.ms/LinuxDIY
However, I am not able to detect/block the EICAR test file using the suggested command:
curl -o ~/Downloads/eicar.com.txt https://www.eicar.org/download/eicar.com.txt
After that, the eicar.com.txt file is in the Downloads folder and nothing happens.
“mdatp health” output:
Configuration in mdatp_managed.json file:
Am I missing something?
Thanks