Forum Discussion
Solved
How to trigger an alert / what generates an alert
I'm looking for documentation of what kind of action generates an alert. I've been trying to generate alerts by typing wrong password, forcing the user account to be locked out, but that did not gen...
To trigger Azure Security Center alerts you can either create a custom rule in the ASC blade, or on an ASC protected VM, rename any .exe file to ASC_AlertTest_662jfi039N.exe.
For Identity Protection, the easiest way I know to generate a test alert is to use the Tor browser to log in to your Microsoft services (Azure portal or O365 portal). This will generate an alert which says you logged in from an anonymous IP address.
Hello Frank,
Is MCAS enabled for your tenant ?
Frank Larsen wrote:
I've found this article which explains which alerts are being triggered: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-reporting-risk-events ... but would be great if we could create alerts ourselves, so we can test our integration against the security API
Regards,
Rishabh
No, I haven't enabled MCAS, why?