Jan 16 2020 08:37 AM
I'm looking at the built-in out of box Create incidents based on <Microsoft security service> alerts rules.
When you click on the rule from the Analytics page you see the rule summary page (see attachment #1) there you'll see a field for "Exclude by alert name"
When you attempt to edit this same rule, there is no field for "Exclude by alert name" (see attachment #2)
Am I missing something?
Jan 27 2020 11:04 AM
SolutionJust saw this, thanks MS for adding it.
Jan 27 2020 11:04 AM
Solution