No Security Alerts in Azure Defender

Brass Contributor

Hi community,

 

For some or other reason I've stopped seeing Security Alerts in Azure Defender. This is not typical for this environment.

 

SebastiaanR_0-1601195501865.png

 

I have Owner permissions on the subscription, and Standard pricing applied across the environment. I can see the devices in MDATP.

 

Any idea why no security alerts will be displayed in here, and any suggestions on how I can test to make sure things are all good?

 

TIA

 

2 Replies

@SebastiaanR Did you check pricing&settings? When you click your subscription, you see the settings:

-Akos-_0-1601317900228.png

In data collection you should have a workspace (I also have in continuous export a workspace configured)

 

You could test on a VM by opening up PowerShell, and typing "invoke-webrequest https://secure.eicar.org/eicar.com -OutFile bla.com" which tries to download a test-virus on your VM (harmless). You should see stuff happening in ASC

Hi,
Thanks for the response.

As mentioned, I've confirmed that standard pricing is enabled, and a workspace is configured. Everything used to work without any issue.
I'll keep an eye on any alerts when performing the test you mentioned.

Thanks