Redaguoti

Bendrinti naudojant


Remediation activity methods and properties

Applies to:

Want to experience Microsoft Defender for Endpoint? Sign up for a free trial.

Want to experience Microsoft Defender Vulnerability Management? Learn more about how you can sign up to the Microsoft Defender Vulnerability Management public preview trial.

Important

Some information in this article relates to a prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, with respect to the information provided here.

Note

If you are a US Government customer, please use the URIs listed in Microsoft Defender for Endpoint for US Government customers.

Tip

For better performance, you can use server closer to your geo location:

  • us.api.security.microsoft.com
  • eu.api.security.microsoft.com
  • uk.api.security.microsoft.com
  • au.api.security.microsoft.com
  • swa.api.security.microsoft.com
  • ina.api.security.microsoft.com

The API response contains Microsoft Defender Vulnerability Management remediation activities that have been created in your tenant.

Methods

Method Data type Description
List all remediation activities Investigation collection Returns information about all remediation activities.
List exposed devices of one remediation activity Investigation entity Returns information about exposed devices for the specified remediation activity.
Get one remediation activity by ID Investigation entity Returns information for the specified remediation activity.

Learn more about remediation activities.

Properties

Property ID Data type Description
Category String Category of the remediation activity (Software/Security configuration)
completerEmail String If the remediation activity was manually completed by someone, this column contains their email
completerId String If the remediation activity was manually completed by someone, this column contains their object ID
completionMethod String A remediation activity can be completed "automatically" (if all the devices are patched) or "manually" by a person who selects "mark as completed."
createdOn DateTime Time this remediation activity was created
Description String Description of this remediation activity
dueOn DateTime Due date the creator set for this remediation activity
fixedDevices The number of devices that have been fixed
ID String ID of this remediation activity
nameId String Related product name
Priority String Priority the creator set for this remediation activity (High\Medium\Low)
productId String Related product ID
productivityImpactRemediationType String A few configuration changes could be requested only for devices that don't affect users. This value indicates the selection between "all exposed devices" or "only devices with no user impact."
rbacGroupNames String Related device group names
recommendedProgram String Recommended program to upgrade to
recommendedVendor String Recommended vendor to upgrade to
recommendedVersion String Recommended version to update/upgrade to
relatedComponent String Related component of this remediation activity (similar to the related component for a security recommendation)
requesterEmail String Creator email address
requesterId String Creator object ID
requesterNotes String The notes (free text) the creator added for this remediation activity
Scid String SCID of the related security recommendation
Status String Remediation activity status (Active/Completed)
statusLastModifiedOn DateTime Date when the status field was updated
targetDevices Long Number of exposed devices that this remediation is applicable to
Title String Title of this remediation activity
Type String Remediation type
vendorId String Related vendor name

See also

Tip

Do you want to learn more? Engage with the Microsoft Security community in our Tech Community: Microsoft Defender for Endpoint Tech Community.