Forum Discussion

mschcomm's avatar
mschcomm
Copper Contributor
Jun 21, 2021
Solved

Automation rules on Microsoft Defender Connector

Hi guys,   Just configured the "Microsoft 365 Defender (Preview)" connector within Sentinel which automatically receives alerts from Defender for Endpoint and MCAS. Is there anyway to auto supress ...
  • Thijs Lecomte's avatar
    Thijs Lecomte
    Jun 21, 2021
    In order to close MDE alerts, select 'All' for the Analytic Rule filter and use Microsoft Product or title conditions to run your rules
mschcomm's avatar
mschcomm
Copper Contributor
Jun 21, 2021
Doesn't that need to be linked to an analytic rule? or do they run also without?
Thijs Lecomte's avatar
Thijs Lecomte
Bronze Contributor
Jun 21, 2021
In order to close MDE alerts, select 'All' for the Analytic Rule filter and use Microsoft Product or title conditions to run your rules
  • mschcomm's avatar
    mschcomm
    Copper Contributor
    Jun 21, 2021

    Thijs Lecomte Thanks Thijs! I totally missed the fact that you could use it without a specific rule.

     

Resources