Update malwareStateForWindowsDevice
Namespace: microsoft.graph
Important: Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
Note: The Microsoft Graph API for Intune requires an active Intune license for the tenant.
Update the properties of a malwareStateForWindowsDevice object.
This API is available in the following national cloud deployments.
Global service | US Government L4 | US Government L5 (DOD) | China operated by 21Vianet |
---|---|---|---|
✅ | ✅ | ✅ | ✅ |
Permissions
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see Permissions.
Permission type | Permissions (from least to most privileged) |
---|---|
Delegated (work or school account) | DeviceManagementConfiguration.ReadWrite.All, DeviceManagementManagedDevices.ReadWrite.All |
Delegated (personal Microsoft account) | Not supported. |
Application | DeviceManagementConfiguration.ReadWrite.All, DeviceManagementManagedDevices.ReadWrite.All |
HTTP Request
PATCH /deviceManagement/windowsMalwareInformation/{windowsMalwareInformationId}/deviceMalwareStates/{malwareStateForWindowsDeviceId}
Request headers
Header | Value |
---|---|
Authorization | Bearer {token}. Required. Learn more about authentication and authorization. |
Accept | application/json |
Request body
In the request body, supply a JSON representation for the malwareStateForWindowsDevice object.
The following table shows the properties that are required when you create the malwareStateForWindowsDevice.
Property | Type | Description |
---|---|---|
id | String | The unique Identifier. This is device id. |
deviceName | String | Indicates the name of the device being evaluated for malware state |
executionState | windowsMalwareExecutionState | Indicates execution status of the malware. Possible values are: unknown, blocked, allowed, running, notRunning. Defaults to unknown. Possible values are: unknown , blocked , allowed , running , notRunning . |
threatState | windowsMalwareThreatState | Indicates threat status of the malware. Possible values are: active, actionFailed, manualStepsRequired, fullScanRequired, rebootRequired, remediatedWithNonCriticalFailures, quarantined, removed, cleaned, allowed, noStatusCleared. defaults to noStatusCleared. Possible values are: active , actionFailed , manualStepsRequired , fullScanRequired , rebootRequired , remediatedWithNonCriticalFailures , quarantined , removed , cleaned , allowed , noStatusCleared . |
initialDetectionDateTime | DateTimeOffset | Initial detection datetime of the malware |
lastStateChangeDateTime | DateTimeOffset | The last time this particular threat was changed |
detectionCount | Int32 | Indicates the number of times the malware is detected |
Response
If successful, this method returns a 200 OK
response code and an updated malwareStateForWindowsDevice object in the response body.
Example
Request
Here is an example of the request.
PATCH https://graph.microsoft.com/beta/deviceManagement/windowsMalwareInformation/{windowsMalwareInformationId}/deviceMalwareStates/{malwareStateForWindowsDeviceId}
Content-type: application/json
Content-length: 334
{
"@odata.type": "#microsoft.graph.malwareStateForWindowsDevice",
"deviceName": "Device Name value",
"executionState": "blocked",
"threatState": "actionFailed",
"initialDetectionDateTime": "2016-12-31T23:57:05.3889692-08:00",
"lastStateChangeDateTime": "2016-12-31T23:59:51.0767794-08:00",
"detectionCount": 14
}
Response
Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 383
{
"@odata.type": "#microsoft.graph.malwareStateForWindowsDevice",
"id": "ce06da73-da73-ce06-73da-06ce73da06ce",
"deviceName": "Device Name value",
"executionState": "blocked",
"threatState": "actionFailed",
"initialDetectionDateTime": "2016-12-31T23:57:05.3889692-08:00",
"lastStateChangeDateTime": "2016-12-31T23:59:51.0767794-08:00",
"detectionCount": 14
}
Feedback
https://aka.ms/ContentUserFeedback.
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see:Submit and view feedback for