Windows Defender

Microsoft.WindowsDefender :: 7.1.10128.1 (Management Pack)

Windows Defender monitoring management pack

Summary

This management pack helps you monitor health of Windows Defender on a machine.

Management Pack Elements

Show Management Pack References

TypeDefinitions

EntityTypes

ClassType (3)

ModuleTypes

DataSourceModuleType (8)
ProbeActionModuleType (2)

UnitMonitorType (6)

Monitoring

Discovery (3)
Monitors

AggregateMonitor (2)
UnitMonitor (6)

Classes (3)

System.Entity

System.LogicalEntity

System.ComputerRole

Microsoft.Windows.ComputerRole

	DisplayName	ID	Base Class	Abstract	Hosted	Singleton	Group	Extension	Accessibility
	Protected Endpoint	Microsoft.WindowsDefender.ProtectedServer	Microsoft.Windows.ComputerRole	False	True	False	False	False	Public
	Protected Candidate	Microsoft.WindowsDefender.ProtectedServerCandidate	Microsoft.Windows.ComputerRole	False	True	False	False	False	Public
	Unprotected Endpoint	Microsoft.WindowsDefender.UnprotectedServer	Microsoft.Windows.ComputerRole	False	True	False	False	False	Public

DataSource Modules (8)

	DisplayName	ID	Isolation	Accessibility
	Event Data Source	Microsoft.WindowsDefender.ProtectedServer.AMEngineEventDSType	Any	Internal
	AntimalwareDefinitions Data Source	Microsoft.WindowsDefender.ProtectedServer.AntimalwareDefinitionsEventDSType	Any	Internal
	Server Protection Event Data Source	Microsoft.WindowsDefender.ProtectedServer.AntimalwareScanEventDSType	Any	Internal
	Protected Endpoint Data Source	Microsoft.WindowsDefender.ProtectedServer.DS	Any	Public
	MalwareActivity Data Source	Microsoft.WindowsDefender.ProtectedServer.MalwareActivity.MalwareActivityEventsWithAdditionalInfoDSType	Any	Internal
	RTP Event Data Source	Microsoft.WindowsDefender.ProtectedServer.RTPEventDSType	Any	Internal
	Protected Candidate Data Source	Microsoft.WindowsDefender.ProtectedServerCandidate.DS	Any	Public
	Unprotected Endpoint Data Source	Microsoft.WindowsDefender.UnprotectedServer.DS	Any	Public

ProbeAction Modules (2)

	DisplayName	ID	Isolation	Accessibility
	Windows Defender WMI Probe Action	Microsoft.WindowsDefender.AntimalwareWMIProbeActionModuleType	Any	Internal
	WMI Probe for Infection Status	Microsoft.WindowsDefender.ProtectedServer.MalwareActivity.GetInfectionStatusWmiProbeType	Any	Internal

Unit Monitor Types (6)

	DisplayName	ID	Accessibility	Support Monitor Recalculate
	Active Malware Monitor Type	Microsoft.WindowsDefender.ProtectedServer.MalwareActivity.ActiveMalwareMonitorType	Public	True
	Malware Detection Monitor Type	Microsoft.WindowsDefender.ProtectedServer.MalwareActivity.OutbreakMonitorType	Public	True
	Windows Defender Engine Monitor Type	Microsoft.WindowsDefender.SecurityVulnerability.AMEngineMonitorType	Public	True
	Windows Defender Definitions Monitor Type	Microsoft.WindowsDefender.SecurityVulnerability.AntimalwareDefinitions.MonitorType	Public	True
	Windows Defender Scan Monitor Type	Microsoft.WindowsDefender.SecurityVulnerability.AntimalwareScan.MonitorType	Public	True
	Windows Defender Real-time Protection Monitor Type	Microsoft.WindowsDefender.SecurityVulnerability.RTPMonitorType	Public	True

Discoveries (3)

	DisplayName	ID	Target	Enabled
	Protected Endpoint Discovery	Microsoft.WindowsDefender.ProtectedServer.Discovery	Microsoft.WindowsDefender.ProtectedServerCandidate	True
	Protected Endpoint Candidate Discovery	Microsoft.WindowsDefender.ProtectedServerCandidate.Discovery	Microsoft.Windows.Computer	True
	Unprotected Endpoint Discovery	Microsoft.WindowsDefender.UnprotectedServer.Discovery	Microsoft.Windows.Computer	True

Aggregate Monitors (2)

	DisplayName	ID	Target	Algorithm	Category	Enabled	Alert Generate	Accessibility
	Protected Endpoint Aggregate Monitor	Microsoft.WindowsDefender.ProtectedServer.WindowsDefender.Aggregate.Monitor	Microsoft.WindowsDefender.ProtectedServer	WorstOf	Custom	True	False	Public
	Unprotected Endpoint Aggregate Monitor	Microsoft.WindowsDefender.UnprotectedServer.WindowsDefender.Aggregate.Monitor	Microsoft.WindowsDefender.UnprotectedServer	WorstOf	Custom	True	False	Public

Unit Monitors (6)

	DisplayName	ID	Target	Category	Enabled	Alert Generate	Accessibility
	Active Malware Monitor	Microsoft.WindowsDefender.ProtectedServer.ActiveMalware.Monitor	Microsoft.WindowsDefender.ProtectedServer	SecurityHealth	True	True	Public
	Windows Defender Service Status Monitor	Microsoft.WindowsDefender.ProtectedServer.AMStatus.Monitor	Microsoft.WindowsDefender.ProtectedServer	Custom	True	True	Public
	Windows Defender Definitions Monitor	Microsoft.WindowsDefender.ProtectedServer.AntimalwareDefinitions.Monitor	Microsoft.WindowsDefender.ProtectedServer	Custom	True	True	Public
	Windows Defender Scan Monitor	Microsoft.WindowsDefender.ProtectedServer.AntimalwareScan.Monitor	Microsoft.WindowsDefender.ProtectedServer	Custom	True	True	Public
	Malware Detection Monitor	Microsoft.WindowsDefender.ProtectedServer.MalwareActivity.OutbreakMonitor	Microsoft.WindowsDefender.ProtectedServer	SecurityHealth	True	True	Public
	Real-Time Protection Status Monitor	Microsoft.WindowsDefender.ProtectedServer.RTPStatus.Monitor	Microsoft.WindowsDefender.ProtectedServer	Custom	True	True	Public