MDE limited details in email alert notifications

Copper Contributor

Hello Everyone,


We have set up email alert notifications for Incidents and Actions in Microsoft Defender for Endpoint following the instructions provided in the article below:


However, we have noticed that the alerts received via email contain very limited information.

We would like to know if there is a way to customize these alerts to include additional details such as the alert name, timestamp, system and user names, file and path details, and more.


Your guidance on how to achieve this customization would be greatly appreciated.


Thank you.

0 Replies