Forum Discussion
Unsupported alerts
Can anyone tell me why the Investigation state for some alerts from MCAS show up in M365 Defender as "unsupported alerts" ?
Unsupported alert type alert status means, that automated investigation capabilities cannot pick up that alert to run an automated investigation. You can however investigate those alerts manually. See more here: https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/review-alerts?view=o365-worldwide
1 Reply
Unsupported alert type alert status means, that automated investigation capabilities cannot pick up that alert to run an automated investigation. You can however investigate those alerts manually. See more here: https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/review-alerts?view=o365-worldwide