Forum Discussion
Handling Hundreds of Open orphaned Alerts in Microsoft Defender for Cloud
Hello Community,
I have several hundred open alerts generated by Microsoft Defender for Cloud that haven't been addressed. According to the documentation, it's essential to review and handle these alerts to ensure the Machine Learning algorithm adapts to our environment. Should I process each alert individually, which is challenging due to the historical context and missing logs, or use a script to clean them up manually? How would you approach this situation?
Thanks in advance for your help!
eranshitritMicrosoft
53CU1t
Have you tried to bulk change the status to dismissed?eranshitrit Hi, not yet. The question is if it is in general a good idea to do this because of ML? What is recommended to do in that situation. Regards
