Microsoft Defender for Endpoint

Andreas 1,051 Reputation points
2023-11-09T14:05:20.5966667+00:00

Hi,

We have an hybrid environment with SCCM and Microsoft Defender For Endpoint.

Exceptions are configured, but what is the correct command to list them out locally on the server.

This command works, it gives me the complete list

Get-MpPreference | Select-Object -Property ExclusionPath -ExpandProperty ExclusionPath

This commando does not work, it does not give me the complete list

Get-MpPreference | Select-Object -Property ExclusionProcess

output:

PS C:\Windows\system32> Get-MpPreference | Select-Object -Property ExclusionProcess

ExclusionProcess

{CcmAADBroker.exe, Ccmexec.exe, Ccmrepair.exe, Ccmsetup.exe...}

if I add -ExpandProperty ExclusionPath it only shows the ExclusionPath catalogs and files

So what I want is the complete list of the excluded processes.

Thanks for answers..

/R

Andy

Microsoft 365
Microsoft 365
Formerly Office 365, is a line of subscription services offered by Microsoft which adds to and includes the Microsoft Office product line.
2,649 questions
Windows Server 2016
Windows Server 2016
A Microsoft server operating system that supports enterprise-level management updated to data storage.
2,220 questions
Microsoft System Center
Microsoft System Center
A suite of Microsoft systems management products that offer solutions for managing datacenter resources, private clouds, and client devices.
664 questions
0 comments
Accepted answer
  1. XinGuo-MSFT 10,391 Reputation points
    2023-11-10T07:08:18.3433333+00:00

    Hi,

    PowerShell just doesn't display more than the value of $FormatEnumerationLimit items. So, you could set that to a higher value to show the complete list.

    User's image

    $FormatEnumerationLimit=15
    1 person found this answer helpful.
    0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest