update investigate machines topic
Joey Caparas
|
Before Width: | Height: | Size: 133 KiB After Width: | Height: | Size: 46 KiB |
|
Before Width: | Height: | Size: 577 KiB After Width: | Height: | Size: 97 KiB |
|
After Width: | Height: | Size: 88 KiB |
|
Before Width: | Height: | Size: 181 KiB After Width: | Height: | Size: 184 KiB |
|
Before Width: | Height: | Size: 144 KiB After Width: | Height: | Size: 82 KiB |
@ -111,6 +111,8 @@ You can manage tags from the Actions button or by selecting a machine from the M
|
||||
## Alerts related to this machine
|
||||
The **Alerts related to this machine** section provides a list of alerts that are associated with the machine. You can also manage alerts from this section by clicking the circle icons to the left of the alert (or using Ctrl or Shift + click to select multiple alerts).
|
||||
|
||||
|
||||
|
||||
This list is a filtered version of the [Alerts queue](alerts-queue-windows-defender-advanced-threat-protection.md), and shows the date when the alert's last activity was detected, a short description of the alert, the user account associated with the alert, the alert's severity, the alert's status in the queue, and who is addressing the alert.
|
||||
|
||||
You can also choose to highlight an alert from the **Alerts related to this machine** or from the **Machine timeline** section to see the correlation between the alert and its related events on the machine by right-clicking on the alert and selecting **Select and mark events**. This highlights the alert and its related events and helps distinguish them from other alerts and events appearing in the timeline. Highlighted events are displayed in all information levels whether you choose to view the timeline by **Detections**, **Behaviors**, or **Verbose**.
|
||||
|
||||