SOLVED

threat alert in azure vm using azure security center

Copper Contributor

how can i get an alert for threat detection on individual azure vm using azure security center. like if any brute force attack is detected by azure security center, it generates an email alert.

 

3 Replies
best response confirmed by Stanislav Zhelyazkov (MVP)
Solution

Hi,

I am not sure what exactly you want to do but Azure Security Center Alerts are also logged in Activity log. More information here:

https://docs.microsoft.com/en-us/azure/security-center/security-center-managing-and-responding-alert...

in note:

Security alerts generated by Security Center will also appear under Azure Activity Log. For more information about how to access Azure Activity Log, read View activity logs to audit actions on resources.

If you want to send the alerts to an e-mail create Azure Activity log alert and attach it to Action group that has the e-mail signal.

I'm trying to get email alert for target vm, if any serious threat is detected on it. In security policy we will get notification for any threat on any vm in subscription. 

Than the above method is the correct method.

1 best response

Accepted Solutions
best response confirmed by Stanislav Zhelyazkov (MVP)
Solution

Hi,

I am not sure what exactly you want to do but Azure Security Center Alerts are also logged in Activity log. More information here:

https://docs.microsoft.com/en-us/azure/security-center/security-center-managing-and-responding-alert...

in note:

Security alerts generated by Security Center will also appear under Azure Activity Log. For more information about how to access Azure Activity Log, read View activity logs to audit actions on resources.

If you want to send the alerts to an e-mail create Azure Activity log alert and attach it to Action group that has the e-mail signal.

View solution in original post