We've received several questions about not being able to see existing alerts using the Graph Explorer.
The reason for this is that the Graph scopes, or permissions, required to call the Graph Security API - SecurityEvents.Read.All, SecurityEvents.ReadWrite.All - are not selected by default in Graph Explorer.
To enable using Graph Explorer, an Azure AD tenant admin must grant these scopes (see figure below)
Once this is done (and the signed in user account is assigned a limited administrator SecurityReader or SecurityAdmin Azure AD role) - alerts may be viewed using the Graph Explorer. Enjoy!
