Docs update tracker

Category	Microsoft Docs article	Related commit history on GitHub	Change details
admin	What Subscription Do I Have	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/admin-overview/what-subscription-do-i-have.md	f1.keywords: -+ audience: Admin
admin	Change Address Contact And More	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/manage/change-address-contact-and-more.md	f1.keywords: -+ audience: Admin
commerce	Change Your Billing Addresses	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/billing-and-payments/change-your-billing-addresses.md	f1.keywords: -+ audience: Admin
commerce	Future Start Date	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/billing-and-payments/future-start-date.md	f1.keywords: -+ audience: Admin
commerce	Manage Billing Profiles	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/billing-and-payments/manage-billing-profiles.md	f1.keywords: -+ audience: Admin
commerce	Manage Multi Tenant Billing	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/billing-and-payments/manage-multi-tenant-billing.md	f1.keywords: NOCSH -+ audience: Admin
commerce	Mexico Billing Info	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/billing-and-payments/mexico-billing-info.md	f1.keywords: -+ audience: Admin
commerce	Tax Information	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/billing-and-payments/tax-information.md	f1.keywords: -+ audience: Admin
commerce	Understand Your Invoice	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/billing-and-payments/understand-your-invoice.md	Title: Understand your bill or invoice -+ audience: Admin f1.keywords:
commerce	Buy Or Edit An Add On	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/buy-or-edit-an-add-on.md	f1.keywords: -+ audience: Admin
commerce	Close Your Account	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/close-your-account.md	f1.keywords: -+ audience: Admin
commerce	Manage Partners	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/manage-partners.md	f1.keywords: -+ audience: Admin
commerce	Reactivate Your Subscription	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/subscriptions/reactivate-your-subscription.md	f1.keywords: -+ audience: Admin
commerce	Renew Your Subscription	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/subscriptions/renew-your-subscription.md	f1.keywords: -+ audience: Admin
commerce	What If My Subscription Expires	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/subscriptions/what-if-my-subscription-expires.md	f1.keywords: -+ audience: Admin
commerce	Understand Proposal Workflow	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/understand-proposal-workflow.md	f1.keywords: -+ audience: Admin
commerce	Use Cost Mgmt	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/use-cost-mgmt.md	Title: "Use Cost management in the Microsoft 365 admin center" -+ audience: Admin
security	Configure Updates	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/configure-updates.md	Last updated 05/12/2021 > [!NOTE] > This functionality requires Microsoft Defender Antivirus version 4.18.2106.X or newer. -To create your own custom gradual rollout process for Defender updates, you can use Group Policy, Microsoft Configuration Manager, and PowerShell. +To create your own custom gradual rollout process for Defender updates, you can use Group Policy, Intune, and PowerShell. The following table lists the available group policy settings for configuring update channels:
security	Linux Support Ebpf	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/linux-support-ebpf.md	Title: Use eBPF-based sensor for Microsoft Defender for Endpoint on Linux description: eBPF-based sensor deployment in Microsoft Defender for Endpoint on Linux. -keywords: microsoft, defender, Microsoft Defender for Endpoint, linux, events, ebpf -ms.sitesec: library -ms.pagetype: security ms.localizationpriority: medium The eBPF sensor for Microsoft Defender for Endpoint on Linux is supported on the \| Debian \| 9.0 \| 4.19.0 \| \| Oracle Linux \| 8.0 \| 4.18.0 \| -When the eBPF sensor is enabled on an endpoint, Defender for Endpoint on Linux updates supplementary_event_subsystem to ebpf. +When the eBPF sensor is enabled on an endpoint, Defender for Endpoint on Linux updates supplementary_events_subsystem to ebpf. ## Use eBPF
security	Mac Preferences	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/mac-preferences.md	The following templates contain entries for all settings described in this docum <true/> <key>automaticDefinitionUpdateEnabled</key> <true/> + <key>cloudBlockLevel</key> + <string>normal</string> </dict> <key>edr</key> <dict> The following templates contain entries for all settings described in this docum <dict> <key>enforcementLevel</key> <string>block</key> + <key>exclusions</key> + <array> + <dict> + <key>path</key> + <string>/bin/zsh</string> + <key>teamId</key> + <string/> + <key>signingId</key> + <string>com.apple.zsh</string> + <key>args</key> + <array> + <string>/usr/local/bin/test.sh</string> + </array> + </dict> + <dict> + <key>path</key> + <string>/usr/local/jamf/bin/jamf</string> + <key>teamId</key> + <string>483DWKW443</string> + <key>signingId</key> + <string>com.jamfsoftware.jamf</string> + </dict> + </array> </dict> <key>userInterface</key> <dict> The following templates contain entries for all settings described in this docum <true/> <key>automaticDefinitionUpdateEnabled</key> <true/> + <key>cloudBlockLevel</key> + <string>normal</string> </dict> <key>edr</key> <dict> The following templates contain entries for all settings described in this docum <dict> <key>enforcementLevel</key> <string>block</key> + <key>exclusions</key> + <array> + <dict> + <key>path</key> + <string>/bin/zsh</string> + <key>teamId</key> + <string/> + <key>signingId</key> + <string>com.apple.zsh</string> + <key>args</key> + <array> + <string>/usr/local/bin/test.sh</string> + </array> + </dict> + <dict> + <key>path</key> + <string>/Library/Intune/Microsoft Intune Agent.app/Contents/MacOS/IntuneMdmDaemon</string> + <key>teamId</key> + <string>UBF8T346G9</string> + <key>signingId</key> + <string>IntuneMdmDaemon</string> + </dict> + </array> </dict> <key>userInterface</key> <dict>
security	Run Advanced Query Sample Powershell	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/run-advanced-query-sample-powershell.md	$tenantId = '00000000-0000-0000-0000-000000000000' # Paste your own tenant ID he $appId = '11111111-1111-1111-1111-111111111111' # Paste your own app ID here $appSecret = '22222222-2222-2222-2222-222222222222' # Paste your own app secret here -$resourceAppIdUri = 'https://api.securitycenter.microsoft.com' +$resourceAppIdUri = 'https://api.security.microsoft.com' $oAuthUri = "https://login.microsoftonline.com/$TenantId/oauth2/token" $body = [Ordered] @{ resource = "$resourceAppIdUri" where Run the following query: ```powershell +$token = $aadToken $query = 'DeviceRegistryEvents \| limit 10' # Paste your own query here -$url = "https://api.securitycenter.microsoft.com/api/advancedqueries/run" +$url = "https://api.security.microsoft.com/api/advancedhunting/run" $headers = @{ 'Content-Type' = 'application/json' Accept = 'application/json' You can now use the query results. To output the results of the query in CSV format in file file1.csv, run the following command: ```powershell -$results \| ConvertTo-Csv -NoTypeInformation \| Set-Content file1.csv +$results \| ConvertTo-Csv -NoTypeInformation \| Set-Content C:\file1.csv ``` To output the results of the query in JSON format in file file1.json, run the following command:
security	Run Analyzer Windows	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/run-analyzer-windows.md	By default, the unpacked MDEClientAnalyzerResult.zip file will contain the follo Description: Export of the Microsoft Monitoring Agent event log +- MdeConfigMgrLogs [Folder] + + - SecurityManagementConfiguration.json + + Description: Configurations sent from MEM (Microsoft Endpoint Manager) for enforcement. + + - policies.json + + Description: Policies settings to be enforced on the device. + + - report_xxx.json + + Description: Corresponding enforcement results.
security	Streaming Api Event Hub	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/streaming-api-event-hub.md	The following Advanced Hunting query can help provide a rough estimate of data v ```kusto let bytes_ = 500; -union withsource=MDTables* +union withsource=MDTables * \| where Timestamp > startofday(ago(6h)) \| summarize count() by bin(Timestamp, 1m), MDTables \| extend EPS = count_ /60
security	Whats New	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/whats-new.md	ms.pagetype: security ms.localizationpriority: medium Previously updated : 07/19/2023 Last updated : 07/20/2023 audience: ITPro You can also get product updates and important notifications through the [messag ## July 2023 -- A new URL and domain page is now available in Microsoft 365 Defender. The updated URL and domain page provides a single place to view all the information about a URL or a domain, including its reputation, the users who clicked it, the devices that accessed it, and emails where the URL or domain was seen. For details, see [Investigate URLs in Microsoft 365 Defender](/microsoft-365/security/defender-endpoint/investigate-domain.md). +- A new URL and domain page is now available in Microsoft 365 Defender. The updated URL and domain page provides a single place to view all the information about a URL or a domain, including its reputation, the users who clicked it, the devices that accessed it, and emails where the URL or domain was seen. For details, see [Investigate URLs in Microsoft 365 Defender](/microsoft-365/security/defender-endpoint/investigate-domain). ## June 2023

admin

https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/admin-overview/what-subscription-do-i-have.md

f1.keywords:

-+ audience: Admin

admin

Change Address Contact And More

https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/manage/change-address-contact-and-more.md

f1.keywords:

-+ audience: Admin

commerce

Change Your Billing Addresses

https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/billing-and-payments/change-your-billing-addresses.md

f1.keywords:

-+ audience: Admin

commerce

Future Start Date

https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/billing-and-payments/future-start-date.md

f1.keywords:

-+ audience: Admin

commerce

Manage Billing Profiles

https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/billing-and-payments/manage-billing-profiles.md

f1.keywords:

-+ audience: Admin

commerce

Manage Multi Tenant Billing

https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/billing-and-payments/manage-multi-tenant-billing.md

f1.keywords: NOCSH

-+ audience: Admin

commerce

Mexico Billing Info

https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/billing-and-payments/mexico-billing-info.md

f1.keywords:

-+ audience: Admin

commerce

Tax Information

https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/billing-and-payments/tax-information.md

f1.keywords:

-+ audience: Admin

commerce

Understand Your Invoice

https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/billing-and-payments/understand-your-invoice.md

Title: Understand your bill or invoice

-+ audience: Admin f1.keywords:

commerce

Buy Or Edit An Add On

https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/buy-or-edit-an-add-on.md

f1.keywords:

-+ audience: Admin

commerce

Close Your Account

https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/close-your-account.md

f1.keywords:

-+ audience: Admin

commerce

Manage Partners

https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/manage-partners.md

f1.keywords:

-+ audience: Admin

commerce

Reactivate Your Subscription

https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/subscriptions/reactivate-your-subscription.md

f1.keywords:

-+ audience: Admin

commerce

Renew Your Subscription

https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/subscriptions/renew-your-subscription.md

f1.keywords:

-+ audience: Admin

commerce

What If My Subscription Expires

https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/subscriptions/what-if-my-subscription-expires.md

f1.keywords:

-+ audience: Admin

commerce

Understand Proposal Workflow

https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/understand-proposal-workflow.md

f1.keywords:

-+ audience: Admin

commerce

Use Cost Mgmt

https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/use-cost-mgmt.md

Title: "Use Cost management in the Microsoft 365 admin center"

-+ audience: Admin

security

Configure Updates

https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/configure-updates.md

Last updated 05/12/2021

> [!NOTE] > This functionality requires Microsoft Defender Antivirus version 4.18.2106.X or newer.

-To create your own custom gradual rollout process for Defender updates, you can use Group Policy, Microsoft Configuration Manager, and PowerShell.

+To create your own custom gradual rollout process for Defender updates, you can use Group Policy, Intune, and PowerShell.

The following table lists the available group policy settings for configuring update channels:

security

Linux Support Ebpf

https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/linux-support-ebpf.md

Title: Use eBPF-based sensor for Microsoft Defender for Endpoint on Linux description: eBPF-based sensor deployment in Microsoft Defender for Endpoint on Linux.

-keywords: microsoft, defender, Microsoft Defender for Endpoint, linux, events, ebpf

-ms.sitesec: library

-ms.pagetype: security

ms.localizationpriority: medium

The eBPF sensor for Microsoft Defender for Endpoint on Linux is supported on the

| Debian | 9.0 | 4.19.0 | | Oracle Linux | 8.0 | 4.18.0 |

-When the eBPF sensor is enabled on an endpoint, Defender for Endpoint on Linux updates supplementary_event_subsystem to ebpf.

+When the eBPF sensor is enabled on an endpoint, Defender for Endpoint on Linux updates supplementary_events_subsystem to ebpf.

## Use eBPF

security

Mac Preferences

https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/mac-preferences.md

The following templates contain entries for all settings described in this docum

<true/> <key>automaticDefinitionUpdateEnabled</key> <true/>

+ <key>cloudBlockLevel</key>

+ <string>normal</string>

</dict> <key>edr</key> <dict>

The following templates contain entries for all settings described in this docum

<dict> <key>enforcementLevel</key> <string>block</key>

+ <key>exclusions</key>

+ <array>

+ <dict>

+ <key>path</key>

+ <string>/bin/zsh</string>

+ <key>teamId</key>

+ <string/>

+ <key>signingId</key>

+ <string>com.apple.zsh</string>

+ <key>args</key>

+ <array>

+ <string>/usr/local/bin/test.sh</string>

+ </array>

+ </dict>

+ <dict>

+ <key>path</key>

+ <string>/usr/local/jamf/bin/jamf</string>

+ <key>teamId</key>

+ <string>483DWKW443</string>

+ <key>signingId</key>

+ <string>com.jamfsoftware.jamf</string>

+ </dict>

+ </array>

</dict> <key>userInterface</key> <dict>

The following templates contain entries for all settings described in this docum

<true/> <key>automaticDefinitionUpdateEnabled</key> <true/>

+ <key>cloudBlockLevel</key>

+ <string>normal</string>

</dict> <key>edr</key> <dict>

The following templates contain entries for all settings described in this docum

<dict> <key>enforcementLevel</key> <string>block</key>

+ <key>exclusions</key>

+ <array>

+ <dict>

+ <key>path</key>

+ <string>/bin/zsh</string>

+ <key>teamId</key>

+ <string/>

+ <key>signingId</key>

+ <string>com.apple.zsh</string>

+ <key>args</key>

+ <array>

+ <string>/usr/local/bin/test.sh</string>

+ </array>

+ </dict>

+ <dict>

+ <key>path</key>

+ <string>/Library/Intune/Microsoft Intune Agent.app/Contents/MacOS/IntuneMdmDaemon</string>

+ <key>teamId</key>

+ <string>UBF8T346G9</string>

+ <key>signingId</key>

+ <string>IntuneMdmDaemon</string>

+ </dict>

+ </array>

</dict> <key>userInterface</key> <dict>

security

Run Advanced Query Sample Powershell

https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/run-advanced-query-sample-powershell.md

$tenantId = '00000000-0000-0000-0000-000000000000' # Paste your own tenant ID he

$appId = '11111111-1111-1111-1111-111111111111' # Paste your own app ID here $appSecret = '22222222-2222-2222-2222-222222222222' # Paste your own app secret here

-$resourceAppIdUri = 'https://api.securitycenter.microsoft.com'

+$resourceAppIdUri = 'https://api.security.microsoft.com'

$oAuthUri = "https://login.microsoftonline.com/$TenantId/oauth2/token" $body = [Ordered] @{ resource = "$resourceAppIdUri"

where

Run the following query: ```powershell

+$token = $aadToken

$query = 'DeviceRegistryEvents | limit 10' # Paste your own query here

-$url = "https://api.securitycenter.microsoft.com/api/advancedqueries/run"

+$url = "https://api.security.microsoft.com/api/advancedhunting/run"

$headers = @{ 'Content-Type' = 'application/json' Accept = 'application/json'

You can now use the query results.

To output the results of the query in CSV format in file file1.csv, run the following command: ```powershell

-$results | ConvertTo-Csv -NoTypeInformation | Set-Content file1.csv

+$results | ConvertTo-Csv -NoTypeInformation | Set-Content C:\file1.csv

``` To output the results of the query in JSON format in file file1.json, run the following command:

security

Run Analyzer Windows

https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/run-analyzer-windows.md

By default, the unpacked MDEClientAnalyzerResult.zip file will contain the follo

Description: Export of the Microsoft Monitoring Agent event log

+- MdeConfigMgrLogs [Folder]

+

+ - SecurityManagementConfiguration.json

+

+ Description: Configurations sent from MEM (Microsoft Endpoint Manager) for enforcement.

+

+ - policies.json

+

+ Description: Policies settings to be enforced on the device.

+

+ - report_xxx.json

+

+ Description: Corresponding enforcement results.

security

Streaming Api Event Hub

https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/streaming-api-event-hub.md

The following Advanced Hunting query can help provide a rough estimate of data v

```kusto let bytes_ = 500;

-union withsource=MDTables*

+union withsource=MDTables *

| where Timestamp > startofday(ago(6h)) | summarize count() by bin(Timestamp, 1m), MDTables | extend EPS = count_ /60

security

Whats New

https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/whats-new.md

ms.pagetype: security

ms.localizationpriority: medium Previously updated : 07/19/2023 Last updated : 07/20/2023 audience: ITPro

You can also get product updates and important notifications through the [messag

## July 2023 -- A new URL and domain page is now available in Microsoft 365 Defender. The updated URL and domain page provides a single place to view all the information about a URL or a domain, including its reputation, the users who clicked it, the devices that accessed it, and emails where the URL or domain was seen. For details, see [Investigate URLs in Microsoft 365 Defender](/microsoft-365/security/defender-endpoint/investigate-domain.md).

+- A new URL and domain page is now available in Microsoft 365 Defender. The updated URL and domain page provides a single place to view all the information about a URL or a domain, including its reputation, the users who clicked it, the devices that accessed it, and emails where the URL or domain was seen. For details, see [Investigate URLs in Microsoft 365 Defender](/microsoft-365/security/defender-endpoint/investigate-domain).

## June 2023