Get-TenantAllowBlockListItems
Note: The features described in this topic are in Preview, are subject to change, and are not available in all organizations.
This cmdlet is available only in the cloud-based service.
Use the Get-TenantAllowBlockListItems cmdlet to view entries in the Tenant Allow/Block List in the Microsoft 365 Defender portal.
For information about the parameter sets in the Syntax section below, see Exchange cmdlet syntax.
Syntax
Get-TenantAllowBlockListItems
-ListType <ListType>
[-ExpirationDate <DateTime>]
[-Allow]
[-Block]
[-Entry <String>]
[-ListSubType <ListSubType[]>]
[-OutputJson]
[<CommonParameters>] Get-TenantAllowBlockListItems
-ListType <ListType>
[-NoExpiration]
[-Allow]
[-Block]
[-Entry <String>]
[-ListSubType <ListSubType[]>]
[-OutputJson]
[<CommonParameters>] Description
You need to be assigned permissions before you can run this cmdlet. Although this topic lists all parameters for the cmdlet, you may not have access to some parameters if they're not included in the permissions assigned to you. To find the permissions required to run any cmdlet or parameter in your organization, see Find the permissions required to run any Exchange cmdlet.
Examples
Example 1
Get-TenantAllowBlockListItems -ListType Url -BlockThis example returns all blocked URLs.
Example 2
Get-TenantAllowBlockListItems -ListType FileHash -Entry "9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08"This example returns information for the specified file hash value.
Example 3
Get-TenantAllowBlockListItems -ListType Url -ListSubType AdvancedDeliveryThis example returns information for all allowed third-party phishing simulation URLs. For more information, see Configure the delivery of third-party phishing simulations to users and unfiltered messages to SecOps mailboxes.
Parameters
The Allow switch filters the results for allow entries. You don't need to specify a value with this switch.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Exchange Online, Exchange Online Protection |
The Block switch filters the results for block entries. You don't need to specify a value with this switch.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Exchange Online, Security & Compliance, Exchange Online Protection |
The Entry parameter filters the results based on the ListType parameter value. Valid values are:
- Url: The exact URL entry value.
- File: The exact SHA256 file hash value.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Exchange Online, Security & Compliance, Exchange Online Protection |
The ExpirationDate parameter filters the results by expiration date in Coordinated Universal Time (UTC).
To specify a date/time value for this parameter, use either of the following options:
- Specify the date/time value in UTC: For example,
"2021-05-06 14:30:00z". - Specify the date/time value as a formula that converts the date/time in your local time zone to UTC: For example,
(Get-Date "5/6/2020 9:30 AM").ToUniversalTime(). For more information, see Get-Date.
| Type: | DateTime |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Exchange Online, Security & Compliance, Exchange Online Protection |
The ListSubType parameter filters the results by subtype. Valid values are:
- AdvancedDelivery
- Tenant: This is the default value.
| Type: | ListSubType[] |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Exchange Online, Exchange Online Protection |
The ListType parameter specifies the list to view. Valid values are:
- FileHash
- Url
| Type: | ListType |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Exchange Online, Security & Compliance, Exchange Online Protection |
The NoExpiration switch filters the results by entries that are set to never expire. You don't need to specify a value with this switch.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Exchange Online, Security & Compliance, Exchange Online Protection |
The OutputJson switch specifies whether to return all entries in a single JSON value. You don't need to specify a value with this switch.
You use this switch to prevent the command from halting on the first entry that contains a syntax error.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Exchange Online, Security & Compliance, Exchange Online Protection |
피드백
다음에 대한 사용자 의견 제출 및 보기