Forum Discussion

StephanGee's avatar
StephanGee
Steel Contributor
Aug 04, 2023
Solved

"Send only one notification per incident" not working - getting 20 mails for 1 incident

Hi everyone,   we are using the mail alerts for opening tickets in our ticket system. Every mail = one ticket   We have selected "Send only one notification per incident" for this. But we are g...
incident management
  • HeikeRitter's avatar
    HeikeRitter
    Aug 04, 2023
    Hi Stephan, not an expert here - but trying to help troubleshoot 🙂
    I see that there are two places to set email notifications
    Settings > for Microsoft 365 Defender
    and Settings > Endpoints

    Also in the settings for Microsoft 365 Defender you can specify the source of the alert, did you select all of them, or just Microsoft 365 Defender with the sub items?
    I am wondering you somehow activated duplicated settings.
    I can't see from your screenshot what the sources are, but are these all endpoint alerts?
StephanGee's avatar
StephanGee
Steel Contributor
Aug 04, 2023

HeikeRitter 

I think this is it! We have it for alerts AND incidents 🙂

I disabled the alert rule for our shared mailbox - maybe this was it.

Thanks

 

In this case it was an endpoint alert.

We did select all of them. 

 

HeikeRitter's avatar
HeikeRitter
Icon for Microsoft rankMicrosoft
Aug 07, 2023
Great, glad I could help 🙂 I will also chat with the feature owners, to make these things more clear.
  • StephanGee's avatar
    StephanGee
    Steel Contributor
    Dec 07, 2023
    Now we have another issue - it does not send a mail for "some" incidents. So we miss incidents - which can be dangerous if they are a real incident.