Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.blinkops.com/llms.txt

Use this file to discover all available pages before exploring further.

Isolates a device from accessing external network. The following permission is required to run this action:
  • Machine.Isolate
External DocumentationTo learn more, visit the Microsoft Defender For Endpoints documentation.

Parameters

ParameterDescription
CommentComment to associate with the action.
Isolation TypeType of the isolation. Allowed values:
- Full - Full isolation.
- Selective - Restrict only limited set of applications from accessing the network.
Note: Isolating devices from the network is not currently supported for devices running macOS. For macOS, use live response to run the action. See Isolate devices from the network for more details.
Machine IDThe ID of the machine. Can be obtained using the List Machines action.

Example Output

{
	"id": "5382f7ea-7557-4ab7-9782-d50480024a4e",
	"type": "Isolate",
	"scope": "Selective",
	"requestor": "Analyst@TestPrd.onmicrosoft.com",
	"requestorComment": "test for docs",
	"status": "Succeeded",
	"machineId": "7b1f4967d9728e5aa3c06a9e617a22a4a5a17378",
	"computerDnsName": "desktop-test",
	"creationDateTimeUtc": "2019-01-02T14:39:38.2262283Z",
	"lastUpdateDateTimeUtc": "2019-01-02T14:40:44.6596267Z",
	"relatedFileInfo": null
}

Workflow Library Example

Isolate Machine with Microsoft Defender for Endpoints and Send Results Via Email
Workflow LibraryPreview this Workflow on desktop