檢查 Microsoft Defender for Endpoint 中的感應器健康狀態Check sensor health state in Microsoft Defender for Endpoint

適用於:Applies to:

想要體驗 Defender for Endpoint?Want to experience Defender for Endpoint? 注册免費試用版。Sign up for a free trial.

在 [安全性作業] 儀表板上會找到 具有感應器問題 磚的裝置。The Devices with sensor issues tile is found on the Security Operations dashboard. 此磚提供有關個別裝置提供感應器資料和與適用於端點的 Defender 服務通訊的能力之資訊。This tile provides information on the individual device’s ability to provide sensor data and communicate with the Defender for Endpoint service. 它報告需要注意的裝置數量,並協助您識別有問題的裝置並採取措施修正已知問題。It reports how many devices require attention and helps you identify problematic devices and take action to correct known issues.

磚上有兩個狀態指示器,可提供無法正確報告給服務之裝置數目的相關資訊:There are two status indicators on the tile that provide information on the number of devices that are not reporting properly to the service:

  • 設定 錯誤-這些裝置可能會部分向 Defender for Endpoint service 報告感應器資料,而且可能會發生需要修正的設定錯誤。Misconfigured - These devices might partially be reporting sensor data to the Defender for Endpoint service and might have configuration errors that need to be corrected.
  • 使用中-過去一個月內,已停止向 Defender for Endpoint service 報告的裝置超過7天。Inactive - Devices that have stopped reporting to the Defender for Endpoint service for more than seven days in the past month.

按一下任一群組可將您導向至 [ 裝置] 清單,並根據您的選擇加以篩選。Clicking any of the groups directs you to Devices list, filtered according to your choice.

具有感應器問題磚之裝置的螢幕擷取畫面

在 [ 裝置] 清單 上,您可以依下列狀態篩選健康狀態清單:On Devices list, you can filter the health state list by the following status:

  • 主動-正在 向 Defender for Endpoint service 報告的裝置。Active - Devices that are actively reporting to the Defender for Endpoint service.
  • 設定 錯誤-這些裝置可能會部分向 Defender for Endpoint service 報告感應器資料,但有需要修正的設定錯誤。Misconfigured - These devices might partially be reporting sensor data to the Defender for Endpoint service but have configuration errors that need to be corrected. 設定錯誤的裝置可能存在以下一個或多個問題:Misconfigured devices can have either one or a combination of the following issues:
    • 沒有感應器資料 -裝置已停止傳送感應器資料。No sensor data - Devices has stopped sending sensor data. 裝置可以觸發有限的警示。Limited alerts can be triggered from the device.
    • 受到影響的 通訊-與裝置通訊的功能遭到削弱。Impaired communications - Ability to communicate with device is impaired. 傳送檔案進行深入分析、封鎖檔案、將裝置與網路隔離以及其他需要與裝置通訊的動作可能無法運行。Sending files for deep analysis, blocking files, isolating device from network and other actions that require communication with the device may not work.
  • 使用中-已停止向 Defender for Endpoint service 報告的裝置。Inactive - Devices that have stopped reporting to the Defender for Endpoint service.

您也可以使用 匯出 功能,以 CSV 格式下載整個清單。You can also download the entire list in CSV format using the Export feature. 如需篩選的詳細資訊,請參閱 查看和組織裝置清單For more information on filters, see View and organize the Devices list.

注意

以 CSV 格式匯出清單以顯示未篩選的資料。Export the list in CSV format to display the unfiltered data. CSV 檔案會包含組織中的所有裝置,不論該視圖本身所套用的篩選為何,也視您的組織規模大小而定,下載時間很長。The CSV file will include all devices in the organization, regardless of any filtering applied in the view itself and can take a significant amount of time to download, depending on how large your organization is.

裝置清單頁面的螢幕擷取畫面

當您按一下設定不當或非使用的裝置時,您可以查看裝置詳細資料。You can view the device details when you click on a misconfigured or inactive device.