Windows Defender |
Agent | Client Extension | |||||||
Provides real-time properties describing the state of Microsoft Windows Defender Antivirus. |
Microsoft Windows | Microsoft Windows | Apple macOS | Ubuntu | Chrome OS | IGEL OS | Unicon eLux |
Antimalware Version |
|||||||
The version of the anti-malware component.
Realtime property with version data type.
|
Antispyware Version |
|||||||
The version of the anti-spyware component.
Realtime property with version data type.
|
Antivirus Version |
|||||||
The version of the anti-virus component.
Realtime property with version data type.
|
Behavior Threats |
|||||||
Determines the number of threats identified by behavioral analysis.
Realtime property with number data type.
|
Cloud Protection |
|||||||
Defines the status of Cloud Delivered Protection, which enables Windows Defender to receive the latest protection from the cloud.
Realtime property with enum data type with options Disabled, Basic, Advanced.
|
Controlled Folder Access |
|||||||
Defines the status of Windows Defender Exploit Guard's controlled folder access, which protects files, folders and memory from unauthorized changes by unfriendly applications.
Realtime property with boolean data type.
|
Engine Version |
|||||||
The version of the engine.
Realtime property with version data type.
|
Excluded Extensions |
|||||||
Defines the file extensions excluded from Windows Defender.
Realtime property with text data type.
|
Excluded Paths |
|||||||
Defines the files or folders excluded from Windows Defender.
Realtime property with text data type.
|
Excluded Processes |
|||||||
Defines the process names excluded from Windows Defender.
Realtime property with text data type.
|
Last Full Scan |
|||||||
The time of the last full scan.
Realtime property with datetime data type.
|
Last Quick Scan |
|||||||
The time of the last quick scan.
Realtime property with datetime data type.
|
Network Definition Version |
|||||||
The version of the network definitions.
Realtime property with version data type.
|
Network Engine Version |
|||||||
The version of the network engine.
Realtime property with version data type.
|
Real-Time Protection |
|||||||
Set to true when Windows Defender's real time protection is enabled, including behavior monitoring, downloaded files and attachment scanning, monitoring of file and program activity, raw volume write notifications, and process scanning.
Realtime property with boolean data type.
|
Sample Submission |
|||||||
Defines the status of Windows Defender sample submission, which sends sample files to Microsoft when further analysis is required.
Realtime property with enum data type with options Prompt, Send Safe Samples Automatically, Never Send Samples, Send All Samples Automatically.
|
Signature Threats |
|||||||
Determines the number of threats identified by their signature.
Realtime property with number data type.
|
Status |
|||||||
The status of Windows Defender.
Realtime property with enum data type with options Active, Pending Full Scan, Pending Reboot, Pending Manual Steps, Pending Offline Scan, Due Full Scan, Due Quick Scan, Inactive.
|
Tamper Protection |
|||||||
Set to true when Windows Defender is configured to prevent third party processes from changing its settings.
Realtime property with boolean data type.
|