MicrosoftYes Dean_Gross , and I can easily get Incidents or Alerts for a specific tenant, even across tenants through DAP/GDAP/CSP rights. However - rather than querying hundreds of tenants, or trying to set up WebHook subscriptions or similar for them - I was going to just start with Auditing (and possibly manually configuring) the Notification Emails and Alerts to send an email to our ticketing system that we could follow up on.
However, I can't find any PowerShell commands or API where I can access these notification settings (access the actual ALERTS themselves, no problem, but not audit the actual Notification Configuration on more than an individual Alert/Incident level)
The backend of security.microsoft.com uses private API endpoints like https://security.microsoft.com/apiproxy/mtp/k8s/settings/ThreatAnalyticNotificationsSettings
or https://security.microsoft.com/apiproxy/mtp/k8s/cloud/public/internal/IncidentNotificationSettingsV2 as an example for Incident Notifications.
The list in my previous post is the URLs that you access as the Administrator to configure these by hand, but I am hoping to find a way to get API/Programmatic/Scripted access to these values - but I cannot find any (public) API that seems to access them
