Forum Discussion
AshleyMartin
Microsoft
MicrosoftNew Blog Post | "How to reduce incident triage and investigation times using dynamic alert details”
Alert enrichment "how to reduce incident triage and investigation times using dynamic alert details” - Microsoft Tech Community
Generally, the purpose of “alert enrichment” is to allow custo...
I found this feature very interesting.
I'm structuring SIEM to bring a dynamic description of the alert, so this function was great.
The bad point is that it is possible to use only 3 columns in the description.
I imagine that in the future it should expand this number.
I'm structuring SIEM to bring a dynamic description of the alert, so this function was great.
The bad point is that it is possible to use only 3 columns in the description.
I imagine that in the future it should expand this number.
