Forum Discussion
Manage Microsoft 365 Defender Alerts in Azure Sentinel
We're trying to find a way to manage the 'out of the box' alerts that come with Defender 365 about 95% of which are FP. Is there a way to build some sort of dashboard in Sentinel with alerts? I don...
Hey there. Check out the Active Alerts Workbook at https://github.com/Azure/Microsoft-Defender-for-Cloud/tree/main/Workbooks/Azure%20Defender%20Active%20Alerts
That might be a good place to start as you can edit the workbook to see all the KQL involved and adjust to taste.
That might be a good place to start as you can edit the workbook to see all the KQL involved and adjust to taste.
digitalohm - thank you!