I'm very new to PowerShell and I have a question in regards to Microsoft Intune and PowerShell.
I have this GetMPComputerStatus|select AMRunning to check if Defender is "Normal" or "Passive", that's the only two outcomes.
How do I make an if or search statement so I can get all the devices which returns "Passive"?
When you say "get all the devices which returns "Passive"", I assume you need to check different computers and filter out all that have their antimalware software not in "Normal" mode.
For that you can use the -CimSession parameter that allows you to enter (an array) of computernames to test.
$computers = 'PC01', 'PC02', 'PC03' # the computers you need to check
Get-MpComputerStatus -CimSession $computers |
Where-Object {$_.AMRunningMode -eq 'Passive' } | # or use Where-Object {$_.AMRunningMode -ne 'Normal' }
Select-Object PsComputerName, AMRunningMode