Forum Discussion
Defender for Identity health issues - Not Closing
We have old issues and they're not being "Closed" as reported.
Are we missing something or is this "Microsoft Defender for Identity" Health Issues process broken? Thanks!
Closed: A health issue is automatically marked as Closed when Microsoft Defender for Identity detects that the underlying issue is resolved. If you have the Azure ATP (workspace name) Administrator role, you can also manually close a health issue.
1 Reply
JunaidHaniefMicrosoft
Hi MPH2
A health issue is automatically marked as Closed when Microsoft Defender for Identity detects that the underlying issue is resolved. Yes - provided that you have correctly followed the recommended action and implemented the configuration attached to that health alert.
If you have the Azure ATP (workspace name) Administrator role, you can also manually close a health issue. You can close the health issue manually, but it will come back after 1minute to 24hrs due to continuous scanning for health issues.
The best approach is:
1. Check the health alert description and understand it properly.
2. Make the required changes.
3. Close the health alert manually if you are confident about the changes being in line with what was recommended and if it is still showing up after you made the changes.
4. If it comes back - create a support ticket with Defender for Identity support. Provide the health alert export + Screenshots and the documentation or steps followed to resolve the health issue.
MDI support with validate the settings and escalate if needed.