Test-MtMdeRetainCleanedMalware
SYNOPSISโ
Checks if cleaned malware is retained for at least 30 days for forensic analysis
SYNTAXโ
Test-MtMdeRetainCleanedMalware [[-ComplianceLogic] <String>] [[-PolicyFiltering] <String>]
[-ProgressAction <ActionPreference>] [<CommonParameters>]
DESCRIPTIONโ
Verify that cleaned malware is retained for at least 30 days to support forensic analysis and threat investigation. Short retention may impact forensic analysis and threat investigation.
EXAMPLESโ
EXAMPLE 1โ
Test-MtMdeRetainCleanedMalware
Returns true if all assigned Defender AV policies have cleaned malware retention set to at least 30 days.
PARAMETERSโ
-ComplianceLogicโ
Determines how policy compliance is evaluated. 'AllPolicies' requires every assigned policy to be compliant; 'AnyPolicy' requires at least one. Default: 'AllPolicies'.
Type: String
Parameter Sets: (All)
Aliases:
Required: False
Position: 1
Default value: AllPolicies
Accept pipeline input: False
Accept wildcard characters: False
-PolicyFilteringโ
Determines which Defender Antivirus policies are evaluated. 'OnlyAssigned' (default) checks only assigned policies; 'IncludeUnassigned' includes unassigned policies; 'All' includes every policy.
Type: String
Parameter Sets: (All)
Aliases:
Required: False
Position: 2
Default value: OnlyAssigned
Accept pipeline input: False
Accept wildcard characters: False
-ProgressActionโ
{{ Fill ProgressAction Description }}
Type: ActionPreference
Parameter Sets: (All)
Aliases: proga
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
CommonParametersโ
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
INPUTSโ
OUTPUTSโ
System.Booleanโ
NOTESโ
RELATED LINKSโ
https://maester.dev/docs/commands/Test-MtMdeRetainCleanedMalware