cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

"Send only one notification per incident" not working - getting 20 mails for 1 incident

StephanGee
Steel Contributor

‎Aug 04 2023 12:04 AM

‎Aug 04 2023 12:04 AM

"Send only one notification per incident" not working - getting 20 mails for 1 incident

Hi everyone,

 

we are using the mail alerts for opening tickets in our ticket system.

Every mail = one ticket

 

We have selected "Send only one notification per incident" for this.

But we are getting a mail for every alert in the incident.

This is one incident.

StephanGee_0-1691131649799.png

 

We can merge the tickets - but this has do be done manually and takes 5 seconds for each merge.

 

Is there any other place we might have set this?

At the moment i am looking at:Settings -> Microsoft 365 Defender -> Email notifications

 

BR

Stephan

Labels:
217 Views
0 Likes
3 Replies
Reply
3 Replies
best response confirmed by StephanGee (Steel Contributor)
Heike Ritter

‎Aug 04 2023 01:45 AM

‎Aug 04 2023 01:45 AM

Solution

Re: "Send only one notification per incident" not working - getting 20 mails for 1 inciden

Hi Stephan, not an expert here - but trying to help troubleshoot :)
I see that there are two places to set email notifications
Settings > for Microsoft 365 Defender
and Settings > Endpoints

Also in the settings for Microsoft 365 Defender you can specify the source of the alert, did you select all of them, or just Microsoft 365 Defender with the sub items?
I am wondering you somehow activated duplicated settings.
I can't see from your screenshot what the sources are, but are these all endpoint alerts?
0 Likes
Reply
StephanGee

‎Aug 04 2023 02:41 AM - edited ‎Aug 04 2023 02:46 AM

‎Aug 04 2023 02:41 AM - edited ‎Aug 04 2023 02:46 AM

Re: "Send only one notification per incident" not working - getting 20 mails for 1 inciden

@Heike Ritter 

I think this is it! We have it for alerts AND incidents :)

I disabled the alert rule for our shared mailbox - maybe this was it.

Thanks

 

In this case it was an endpoint alert.

We did select all of them. 

StephanGee_0-1691141821479.png

 

1 Like
Reply
Heike Ritter

‎Aug 07 2023 03:19 AM

‎Aug 07 2023 03:19 AM

Re: "Send only one notification per incident" not working - getting 20 mails for 1 inciden

Great, glad I could help :) I will also chat with the feature owners, to make these things more clear.
0 Likes
Reply