
How to query Windows Defender data from Azure Servers

Using Azure, I want to be able to query Windows Servers (using Defender cmdlets) based on Windows Defender values (i.e. AntispywareSignatureAge). Using PowerShell I can run local scripts and check for those said values. However, this task becomes impossible when you have several hundred servers.

Is there a way to efficiently query all this data in Azure using the PowerShell cmdlets? (some places that come to mind are OMS, Log Analytics)

You could set up a Windows service that collects this data and then sends it to Azure.

To query the results: https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/review-scan-results-windows-defender-antivirus

PowerShell Windows services: https://msdn.microsoft.com/en-us/magazine/mt703436.aspx

Depending on your skills you can create an API to send the results to Azure and call the endpoints from PowerShell.

Or you can upload files and process them in Azure: https://www.nhaustralia.com.au/blog/Using-PowerShell-to-upload-files-to-your-Azure-Storage-Container/
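
The "upload files and process them in Azure" option from the answer above, sketched as an added example that is not part of the original answer: a per-server collector that snapshots `Get-MpComputerStatus`, flags stale signatures, and uploads one JSON blob per server per day. It assumes the Az.Storage module is installed; the storage account, container name, environment variable and age threshold are placeholders chosen for illustration.

```powershell
# Added example (not from the original post). Run on each server, e.g. as a scheduled task.
# Assumptions: Az.Storage is installed; account, container and SAS variable are placeholders.
param(
    [string]$StorageAccount      = '<storage-account-name>',
    [string]$Container           = 'defender-status',
    [string]$SasToken            = $env:DEFENDER_UPLOAD_SAS,  # scope to create/write on this container only
    [int]   $MaxSignatureAgeDays = 3                          # assumed staleness threshold
)

function Get-DefenderSnapshot {
    param([int]$MaxAgeDays)
    $record = [ordered]@{
        ComputerName = $env:COMPUTERNAME
        CollectedUtc = (Get-Date).ToUniversalTime().ToString('o')
        QueryOk      = $false
    }
    try {
        $s = Get-MpComputerStatus -ErrorAction Stop
        $record.QueryOk                   = $true
        $record.AMServiceEnabled          = $s.AMServiceEnabled
        $record.RealTimeProtectionEnabled = $s.RealTimeProtectionEnabled
        $record.AntispywareSignatureAge   = $s.AntispywareSignatureAge
        $record.AntivirusSignatureAge     = $s.AntivirusSignatureAge
        $record.AntivirusSignatureVersion = $s.AntivirusSignatureVersion
        $record.QuickScanAge              = $s.QuickScanAge
        $record.SignaturesStale = ($s.AntispywareSignatureAge -gt $MaxAgeDays) -or
                                  ($s.AntivirusSignatureAge   -gt $MaxAgeDays)
    }
    catch {
        # Defender missing or its service stopped: still report, so the gap is visible centrally
        $record.Error = $_.Exception.Message
    }
    [pscustomobject]$record
}

$snapshot = Get-DefenderSnapshot -MaxAgeDays $MaxSignatureAgeDays
$file = Join-Path $env:TEMP "$($env:COMPUTERNAME)-defender.json"
$snapshot | ConvertTo-Json | Set-Content -Path $file -Encoding UTF8

# One blob per server per day; -Force overwrites an earlier run from the same day
$ctx  = New-AzStorageContext -StorageAccountName $StorageAccount -SasToken $SasToken
$blob = '{0}/{1}.json' -f (Get-Date -Format 'yyyy-MM-dd'), $env:COMPUTERNAME
Set-AzStorageBlobContent -File $file -Container $Container -Blob $blob -Context $ctx -Force | Out-Null
Remove-Item $file
```

A server whose blob is missing for the day, or whose record has `QueryOk` set to false, deserves the same attention as one reporting `SignaturesStale`.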
