From 81be38ccd57c250623902f6faa629c49c7b716ac Mon Sep 17 00:00:00 2001 From: amirsc3 <42802974+amirsc3@users.noreply.github.com> Date: Tue, 3 Sep 2024 15:37:27 +0300 Subject: [PATCH 1/2] Update troubleshoot-collect-support-log.md Adjusting note to ensure customers are able to follow the guide without running into blocking issue --- defender-endpoint/troubleshoot-collect-support-log.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/defender-endpoint/troubleshoot-collect-support-log.md b/defender-endpoint/troubleshoot-collect-support-log.md index c8a26ca089..2ebcf4dcfd 100644 --- a/defender-endpoint/troubleshoot-collect-support-log.md +++ b/defender-endpoint/troubleshoot-collect-support-log.md @@ -51,9 +51,13 @@ This article provides instructions on how to run the tool via Live Response on W :::image type="content" source="media/analyzer-file.png" alt-text="The choose file button-2" lightbox="media/analyzer-file.png"::: +> [!NOTE] +> Do the same for the `MDEClientAnalyzerPreview.zip` file. + 6. While still in the LiveResponse session, use the following commands to run the analyzer and collect the resulting file. ```console + Putfile MDEClientAnalyzerPreview.zip Run MDELiveAnalyzer.ps1 GetFile "C:\ProgramData\Microsoft\Windows Defender Advanced Threat Protection\Downloads\MDECA\MDEClientAnalyzerResult.zip" ``` From b235664730328bf60a9f7071659246188467e159 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 3 Sep 2024 10:16:47 -0700 Subject: [PATCH 2/2] Update troubleshoot-collect-support-log.md --- defender-endpoint/troubleshoot-collect-support-log.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/defender-endpoint/troubleshoot-collect-support-log.md b/defender-endpoint/troubleshoot-collect-support-log.md index 2ebcf4dcfd..cfc36d1724 100644 --- a/defender-endpoint/troubleshoot-collect-support-log.md +++ b/defender-endpoint/troubleshoot-collect-support-log.md @@ -14,7 +14,7 @@ ms.collection: ms.topic: troubleshooting ms.subservice: edr search.appverid: met150 -ms.date: 08/13/2024 +ms.date: 09/03/2024 --- # Collect support logs in Microsoft Defender for Endpoint using live response @@ -51,8 +51,7 @@ This article provides instructions on how to run the tool via Live Response on W :::image type="content" source="media/analyzer-file.png" alt-text="The choose file button-2" lightbox="media/analyzer-file.png"::: -> [!NOTE] -> Do the same for the `MDEClientAnalyzerPreview.zip` file. + Repeat this step for the `MDEClientAnalyzerPreview.zip` file. 6. While still in the LiveResponse session, use the following commands to run the analyzer and collect the resulting file.