Learn how you can view and manage the queue so that you can effectively investigate threats seen on entities such as devices, files, or user accounts.
In this section
Topic | Description |
---|---|
View and organize the Alerts queue | Shows a list of alerts that were flagged in your network. |
Manage alerts | Learn how you can manage alerts, such as changing an alert's status, assigning it to a security operations member, and viewing its history. |
Investigate alerts | Investigate alerts that are affecting your network, understand what they mean, and how to resolve them. |
Investigate files | Investigate the details of a file associated with a specific alert, behavior, or event. |
Investigate devices | Investigate the details of a device associated with a specific alert, behavior, or event. |
Investigate an IP address | Examine possible communication between devices in your network and external internet protocol (IP) addresses. |
Investigate a domain | Investigate a domain to see if devices and servers in your network have been communicating with a known malicious domain. |
Investigate a user account | Identify user accounts with the most active alerts and investigate cases of potentially compromised credentials. |
Source: Official Microsoft Brand
Edited by: BEST Antivirus KBS Team