Remediation activity methods and properties
- Microsoft Defender for Endpoint Plan 2
- Microsoft Defender Vulnerability Management
- Microsoft 365 Defender
Want to experience Microsoft Defender for Endpoint? Sign up for a free trial.
Want to experience Microsoft Defender Vulnerability Management? Learn more about how you can sign up to the Microsoft Defender Vulnerability Management public preview trial.
Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
If you are a US Government customer, please use the URIs listed in Microsoft Defender for Endpoint for US Government customers.
For better performance, you can use server closer to your geo location:
The API response contains Microsoft Defender Vulnerability Management remediation activities that have been created in your tenant.
|List all remediation activities||Investigation collection||Returns information about all remediation activities.|
|List exposed devices of one remediation activity||Investigation entity||Returns information about exposed devices for the specified remediation activity.|
|Get one remediation activity by ID||Investigation entity||Returns information for the specified remediation activity.|
Learn more about remediation activities.
|Property ID||Data type||Description|
|Category||String||Category of the remediation activity (Software/Security configuration)|
|completerEmail||String||If the remediation activity was manually completed by someone, this column contains their email|
|completerId||String||If the remediation activity was manually completed by someone, this column contains their object ID|
|completionMethod||String||A remediation activity can be completed "automatically" (if all the devices are patched) or "manually" by a person who selects "mark as completed."|
|createdOn||DateTime||Time this remediation activity was created|
|Description||String||Description of this remediation activity|
|dueOn||DateTime||Due date the creator set for this remediation activity|
|fixedDevices||The number of devices that have been fixed|
|ID||String||ID of this remediation activity|
|nameId||String||Related product name|
|Priority||String||Priority the creator set for this remediation activity (High\Medium\Low)|
|productId||String||Related product ID|
|productivityImpactRemediationType||String||A few configuration changes could be requested only for devices that don't affect users. This value indicates the selection between "all exposed devices" or "only devices with no user impact."|
|rbacGroupNames||String||Related device group names|
|recommendedProgram||String||Recommended program to upgrade to|
|recommendedVendor||String||Recommended vendor to upgrade to|
|recommendedVersion||String||Recommended version to update/upgrade to|
|relatedComponent||String||Related component of this remediation activity (similar to the related component for a security recommendation)|
|requesterEmail||String||Creator email address|
|requesterId||String||Creator object ID|
|requesterNotes||String||The notes (free text) the creator added for this remediation activity|
|Scid||String||SCID of the related security recommendation|
|Status||String||Remediation activity status (Active/Completed)|
|statusLastModifiedOn||DateTime||Date when the status field was updated|
|targetDevices||Long||Number of exposed devices that this remediation is applicable to|
|Title||String||Title of this remediation activity|
|vendorId||String||Related vendor name|
Submit and view feedback for