diff --git a/EDR_telem_linux.json b/EDR_telem_linux.json
index 14b9ecb..759c854 100644
--- a/EDR_telem_linux.json
+++ b/EDR_telem_linux.json
@@ -248,7 +248,7 @@
     "ESET Inspect":"Yes",
     "Elastic":"No",
     "LimaCharlie":"No",
-    "MDE":"No",
+    "MDE":"Via EnablingTelemetry",
     "Qualys":"No",
     "SentinelOne":"No",
     "Sysmon":"No",
@@ -278,7 +278,7 @@
     "ESET Inspect":"No",
     "Elastic":"No",
     "LimaCharlie":"No",
-    "MDE":"No",
+    "MDE":"Via EnablingTelemetry",
     "Qualys":"No",
     "SentinelOne":"No",
     "Sysmon":"No",
@@ -338,7 +338,7 @@
     "ESET Inspect":"No",
     "Elastic":"No",
     "LimaCharlie":"Yes",
-    "MDE":"No",
+    "MDE":"Partially",
     "Qualys":"No",
     "SentinelOne":"Yes",
     "Sysmon":"No",
diff --git a/partially_value_explanations_linux.json b/partially_value_explanations_linux.json
index 766ec05..bb8b5f5 100644
--- a/partially_value_explanations_linux.json
+++ b/partially_value_explanations_linux.json
@@ -316,7 +316,7 @@
       "CrowdStrike":"",
       "Sysmon":"",
       "LimaCharlie":"",
-      "MDE":"",
+      "MDE":{"Partially":"Only available through the timeline. Not searchable in a query."},
       "Elastic":"",
       "Auditd":"",
       "Carbon Black Cloud":""