Isolate Machine
Isolates a device from accessing external network.
The following permission is required to run this action:
Machine.Isolate
External Documentation
To learn more, visit the Microsoft Defender For Endpoints documentation.
Parameters
Parameter | Description |
---|---|
Comment | Comment to associate with the action. |
Isolation Type | Type of the isolation. Allowed values:
|
Machine ID | The ID of the machine. Can be obtained using the List Machines action. |
Example Output
{
"id": "5382f7ea-7557-4ab7-9782-d50480024a4e",
"type": "Isolate",
"scope": "Selective",
"requestor": "Analyst@TestPrd.onmicrosoft.com",
"requestorComment": "test for docs",
"status": "Succeeded",
"machineId": "7b1f4967d9728e5aa3c06a9e617a22a4a5a17378",
"computerDnsName": "desktop-test",
"creationDateTimeUtc": "2019-01-02T14:39:38.2262283Z",
"lastUpdateDateTimeUtc": "2019-01-02T14:40:44.6596267Z",
"relatedFileInfo": null
}
Workflow Library Example
Isolate Machine with Microsoft Defender for Endpoints and Send Results Via Email
Preview this Workflow on desktop