Cmdlets

Choose a cmdlet from the list on the left or search for a specific cmdlet. Choose a cmdlet from the list or search for a specific cmdlet.
About Help  Providers
 

Set-AzureVMMicrosoftAntimalwareExtension

Set-AzureVMMicrosoftAntimalwareExtension

microsoft.windowsazure.commands.servicemanagement.dll

Synopsis

Configures the Microsoft Antimalware extension for a virtual machine.

Syntax

Set-AzureVMMicrosoftAntimalwareExtension [-AntimalwareConfigFile] [-Version] [-Monitoring] [-StorageContext] [-VM] [<CommonParameters>]

Set-AzureVMMicrosoftAntimalwareExtension [-AntimalwareConfiguration] [-Version] [-Monitoring] [-StorageContext] [-VM] [<CommonParameters>]

Set-AzureVMMicrosoftAntimalwareExtension [-Version] [-Disable] [-VM] [<CommonParameters>]

Set-AzureVMMicrosoftAntimalwareExtension [-Uninstall] [-VM] [<CommonParameters>]

Set-AzureVMMicrosoftAntimalwareExtension [-Monitoring] [-StorageContext] [-NoConfig] [-VM] [<CommonParameters>]

Detailed Description

The Set-AzureVMMicrosoftAntimalwareExtension cmdlet configures the Microsoft Antimalware extension for a virtual machine. You can enable, disable, or uninstall the extension.

Parameters

-AntimalwareConfigFile <String>

Specifies the absolute path to the Microsoft Antimalware configuration file. Do not specify this parameter if you specify the AntimalwareConfiguration parameter. The configuration file must include, at a minimum, the following content to enable the Microsoft Antimalware extension: { "AntimalwareEnabled": true }

Aliases

None

Required?

true

Position

1

Default value

none

Accept pipeline input?

true (ByPropertyName)

Accept wildcard characters?

false

-Version <String>

Specifies the extension version as a string.

Aliases

None

Required?

false

Position

2

Default value

none

Accept pipeline input?

true (ByPropertyName)

Accept wildcard characters?

false

-Monitoring <String>

Specifies whether to collect Microsoft Antimalware events. Valid values are: -- ON. Collect Microsoft Antimalware events to storage context. -- OFF. Do not collect Microsoft Antimalware events.

Aliases

None

Required?

false

Position

3

Default value

none

Accept pipeline input?

true (ByPropertyName)

Accept wildcard characters?

false

-StorageContext <AzureStorageContext>

Specifies an Azure storage context for Microsoft Antimalware monitoring.

Aliases

None

Required?

false

Position

4

Default value

none

Accept pipeline input?

true (ByPropertyName)

Accept wildcard characters?

false

-VM <IPersistentVM>

Specifies the virtual machine as an IPersistentVM object.

Aliases

None

Required?

true

Position

named

Default value

none

Accept pipeline input?

true (ByValue, ByPropertyName)

Accept wildcard characters?

false

-AntimalwareConfiguration <String>

Specifies a string object that contains the Microsoft Antimalware configuration. This object must not be $Null or empty. Do not specify this parameter if you specify the AntimalwareConfigFile parameter. The configuration object must include, at a minimum, the following content to enable the Microsoft Antimalware extension: { "AntimalwareEnabled": true }Microsoft Antimalware JSON configuration sample: { "AntimalwareEnabled": true, "RealtimeProtectionEnabled": true, "ScheduledScanSettings": { "isEnabled": true, "day": 1, "time": 120, "scanType": "Full" }, "Exclusions": { "Extensions": ".ext1;.ext2", "Paths": "c:\excluded-path-1;c:\excluded-path-2", "Processes": "excludedproc1.exe;excludedproc2.exe" } } Notes: AntimalwareEnabled is a required parameter. Values: true= Enable. false= Error out as false is not a supported value RealtimeProtectionEnabled: true/false. true = Enable. false = Disable. Default is true ScheduledScanSettings: isEnabled=true/false day=0-8 (0-daily, 1-Sunday, 2-Monday, ...., 7-Saturday, 8-Disabled) time=0-1440 (measured in minutes after midnight - 60->1AM, 120 -> 2AM, ... ) scanType="Quick" or "Full" (Default is Quick) Note: If isEnabled=true is the only setting provided, the following defaults are set: day=7 (Saturday), time=120 (2 AM), scanType="Quick" Exclusions: Multiple exclusions in the same list are specified by using semicolon delimiters. If no exclusions are specified, then the existing exclusions, if any, are overwritten by blank on the system.

Aliases

None

Required?

true

Position

1

Default value

none

Accept pipeline input?

true (ByPropertyName)

Accept wildcard characters?

false

-Disable <SwitchParameter>

Indicates that the cmdlet disables the Microsoft Antimalware extension. To re-enable the extension on the same virtual machine, run Set-AzureVMMicrosoftAntimalwareExtension without the Disable parameter.

Aliases

None

Required?

false

Position

2

Default value

none

Accept pipeline input?

true (ByPropertyName)

Accept wildcard characters?

false

-Uninstall <SwitchParameter>

Indicates that this cmdlet uninstalls the Microsoft Antimalware extension from the virtual machine. If monitoring was turned on, the cmdlet also removes the collection of Microsoft Antimalware events.

Aliases

None

Required?

true

Position

1

Default value

none

Accept pipeline input?

true (ByPropertyName)

Accept wildcard characters?

false

-NoConfig <SwitchParameter>

Aliases

None

Required?

true

Position

3

Default value

None

Accept pipeline input?

true (ByPropertyName)

Accept wildcard characters?

false

Input Type


Return Type


Notes

Examples

-------------------------- Example 1: Enable the extension by using a configuration file --------------------------

This command enables the Microsoft Antimalware extension by using a configuration file. The command uses the Get-AzureVM cmdlet to get the specified virtual machine object, and then passes the object to the current cmdlet by using the pipeline operator.

PS C:\>Get-AzureVM -ServiceName "ContosoService03" -Name "ContosoVM22" | Set-AzureVMMicrosoftAntimalwareExtension -AntimalwareConfigFile 'C:\configuration\contosoVM.json' | Update-AzureVM

-------------------------- Example 2: Enable the extension and enable monitoring --------------------------

The first command creates an AzureStorageContext object by using the New-AzureStorageContext cmdlet, and then stores it in the $StorageContext variable.

PS C:\>$StorageContext = New-AzureStorageContext -StorageAccountName "contosostoragemain" -StorageAccountKey (Get-AzureStorageKey -StorageAccountName "Contosostoragemain").Primary
PS C:\> Get-AzureVM -ServiceName "ContosoService03" -Name"ContosoVM22" | Set-AzureVMMicrosoftAntimalwareExtension -AntimalwareConfigFile 'C:\configuration\contosoVM.json" -Monitoring ON -StorageContext $StorageContext | Update-AzureVM

-------------------------- Example 3: Enable the extension by specifying a configuration object --------------------------

The first command creates a string object by reading a JSON configuration for the Microsoft Antimalware extension, and then storing it in the $config_string variable.

PS C:\>$config_string = [IO.File]::ReadAllText('C:\configuration\contosoVM.json')
PS C:\> Get-AzureVM -ServiceName "ContosoService03" -Name "ContosoVM22" | Set-AzureVMMicrosoftAntimalwareExtension -AntimalwareConfiguration $config_string | Update-AzureVM

-------------------------- Example 4: Disable the extension --------------------------

This command disables the extension without removing it. The command uses Get-AzureVM to get the specified virtual machine object, and then passes the object to the current cmdlet.

PS C:\>Get-AzureVM -ServiceName "ContosoService03" -Name "ContosoVM22" | Set-AzureVMMicrosoftAntimalwareExtension -Disable | Update-AzureVM

-------------------------- Example 5: Remove the extension --------------------------

This command removes the Microsoft Antimalware extension from the virtual machine. The command uses Get-AzureVM to get the specified virtual machine object, and then passes the object to the current cmdlet.

PS C:\>Get-AzureVM -ServiceName "ContosoService03" -Name"ContosoVM22" | Set-AzureVMMicrosoftAntimalwareExtension -Uninstall | Update-AzureVM

Online Version
Get-AzureVM
Update-AzureVM
New-AzureStorageContext
Get-AzureVMMicrosoftAntimalwareExtension
Remove-AzureVMMicrosoftAntimalwareExtension