Report on System Center Endpoint Protection / Windows defender

Duchemin, Dominique 2,006 Reputation points
2023-11-09T22:21:22.64+00:00

Hello,

I am looking for a list of servers with the following information:

  • Server Name
  • Antimalware Policy Name
  • Collection Name
  • Real Time Protection Value

SQL Query?

PowerShell command?

Thanks,

Dom

Microsoft Configuration Manager
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. AllenLiu-MSFT 44,591 Reputation points Microsoft Vendor
    2023-11-10T06:25:02.95+00:00

    Hi, @Duchemin, Dominique

    Thank you for posting in Microsoft Q&A forum.

    To get the Real-time Protection value, we can check the registry value with CMPivot:

    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Microsoft Antimalware\Real-Time Protection

    For Antimalware Policy Name, we can query the view vSMS_G_SYSTEM_AmPolicyStatus.

    I remember you extended the hardware inventory to get the Real-time Protection value, so you may try to join the custom view to the vSMS_G_SYSTEM_AmPolicyStatus.


    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Add comment".


  2. Garth Jones 1,661 Reputation points
    2023-12-04T15:03:32.2533333+00:00

    All of the data is within the SQL Views. You can see the SQL views within the docs.

    https://learn.microsoft.com/en-us/mem/configmgr/develop/core/understand/sqlviews/sql-server-views-configuration-manager

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.