Issue
I have a Linux endpoint that has the Microsoft Defender for Endpoint sensor installed. The endpoint is checking in but it appears that no telemetry is being collected or being sent to Red Canary.
Environment
Microsoft Defender for Endpoint
Linux
Resolution
Restart the sensor by executing the following command:
sudo service mdatp restart
After executing the command above, please allow five minutes before verifying that data is flowing.
Cause
The sensor's service may hang after a system update.
Reference
https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/linux-support-install?view=o365-worldwide#steps-to-troubleshoot-if-the-mdatp-service-isnt-running
Comments
0 comments
Please sign in to leave a comment.