diff --git a/memdocs/intune/protect/epm-policies.md b/memdocs/intune/protect/epm-policies.md index 1753d2f570..c878873eb3 100644 --- a/memdocs/intune/protect/epm-policies.md +++ b/memdocs/intune/protect/epm-policies.md @@ -261,7 +261,10 @@ Use either of the following methods to create new elevation rules, which are add 1. For the rule, configure the elevation **Type** and **Child process behavior**, and then select **OK**. The policy is updated with the new rule. 2. After the rule is added to the policy, you can edit the policy to gain access to the rule and then modify it to make additional configurations if needed. - + + **Require the same file path as this elevation:** + When you select this checkbox, the File Path field in the rule is set to the file path as seen in the report. If the checkbox isn’t selected, the path remains empty. + :::image type="content" source="./media/epm-policies/create-a-rule.png" alt-text="Image from the admin center UI of the create a rule pane." lightbox="./media/epm-policies/create-a-rule.png"::: ### Manually configure elevation rules for Windows elevation rules policy diff --git a/memdocs/intune/protect/mde-security-integration.md b/memdocs/intune/protect/mde-security-integration.md index 40b3923dad..ad102136f1 100644 --- a/memdocs/intune/protect/mde-security-integration.md +++ b/memdocs/intune/protect/mde-security-integration.md @@ -469,6 +469,8 @@ For the list of policy and profile combinations supported for security settings ## Monitor status +**Intune:** + Status and reports for policies that target devices in this channel are available from the policy node under Endpoint security in the Microsoft Intune admin center. Drill in to the policy type and then select the policy to view its status. You can view the list of platforms, policy types, and profiles that support security settings management in the table in [Which solution should I use](#which-solution-should-i-use), earlier in this article. @@ -476,9 +478,20 @@ Drill in to the policy type and then select the policy to view its status. You c When you select a policy, you can view information about the device check-in status, and can select: - **View report** - View a list of devices that received the policy. You can select a device to drill in and see its per-setting status. You can then select a setting to view more information about it, including other policies that manage that same setting, which could be a source of conflict. - - **Per setting status** - View the settings that are managed by the policy, and a count of success, errors, or conflicts for each setting. +**Defender Portal:** + +You can also monitor the Intune policies that are applied from within the [Microsoft Defender portal](https://security.microsoft.com/). Within the portal, go to **Endpoints**, expand configuration management and select *Endpoint security policies*. Select a policy to view its status, and then select: + +- **Overview** - View an overview of the groups the policy is applied to, the policy settings that are applied, and device check-in status. +- **Policy Settings Values** - View the settings that are configured by the policy. +- **Policy settings status** - View the settings that are managed by the policy, and a count of success, errors, or conflicts for each setting. +- **Applied devices** - View the devices to which the policy is applied. +- **Assigned Groups** - View the groups to which the policy is assigned. + +For additional information, see [Manage endpoint security policies in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/manage-security-policies?toc=/mem/intune/toc.json&bc=/mem/breadcrumb/toc.json) in the Defender content. + ## Frequently asked questions and considerations ### Device check-in frequency