SOLVED

Unsupported alerts

Silver Contributor

Can anyone tell me why the Investigation state for some alerts from MCAS show up in M365 Defender as "unsupported alerts" ?

1 Reply
best response confirmed by VI_Migration (Silver Contributor)
Solution

@Dean_Gross 

 

Unsupported alert type alert status means, that automated investigation capabilities cannot pick up that alert to run an automated investigation. You can however investigate those alerts manually. See more here: Review alerts in Microsoft Defender for Endpoint | Microsoft Learn

1 best response

Accepted Solutions
best response confirmed by VI_Migration (Silver Contributor)
Solution

@Dean_Gross 

 

Unsupported alert type alert status means, that automated investigation capabilities cannot pick up that alert to run an automated investigation. You can however investigate those alerts manually. See more here: Review alerts in Microsoft Defender for Endpoint | Microsoft Learn

View solution in original post