From 1e57c7112bed9f2b504b0b8b84bcae58dbc90713 Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Thu, 7 Jun 2018 15:56:11 -0700 Subject: [PATCH] new flow --- ...ows-defender-advanced-threat-protection.md | 48 ++++++++++++------- 1 file changed, 32 insertions(+), 16 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-atp/configure-email-notifications-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/configure-email-notifications-windows-defender-advanced-threat-protection.md index 595710cac3..db4d4d1e03 100644 --- a/windows/security/threat-protection/windows-defender-atp/configure-email-notifications-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/configure-email-notifications-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 05/01/2018 +ms.date: 06/06/2018 --- # Configure alert notifications in Windows Defender ATP @@ -41,29 +41,45 @@ Only users assigned to the Global administrator role can manage notification rul The email notification includes basic information about the alert and a link to the portal where you can do further investigation. -## Set up email notifications for alerts -The email notifications feature is turned off by default. Turn it on to start receiving email notifications. +## Create rules for alert notifications +You can create rules that determine the machines and alert severities to send email notifications for and the notification recipients. -1. On the navigation pane, select **Settings** > **Alert notifications**. -2. Toggle the setting between **On** and **Off**. -3. Select the alert severity level that you’d like your recipients to receive: - - **High** – Select this level to send notifications for high-severity alerts. - - **Medium** – Select this level to send notifications for medium-severity alerts. - - **Low** - Select this level to send notifications for low-severity alerts. - - **Informational** - Select this level to send notification for alerts that might not be considered harmful but good to keep track of. -4. In **Email recipients to notify on new alerts**, type the email address then select the + sign. -5. Click **Save preferences** when you’ve completed adding all the recipients. -Check that email recipients are able to receive the email notifications by selecting **Send test email**. All recipients in the list will receive the test email. +1. In the navigation pane, select **Settings** > **Alert notifications**. + +2. Click **Add notification rule**. + +3. Specify the General information: + - **Rule name** + - **Machines** - Choose whether to notify recipients for alerts on all machines (Global administrator role only) or on selected machine groups. For more information, see [Create and manage machine groups](machine-groups-windows-defender-advanced-threat-protection.md). + - **Alert severity** - Choose the alert severity level + +4. Click **Next**. + +5. Enter the recipient's email address then click **Add recipient**. You can add multiple email addresses. + +6. Check that email recipients are able to receive the email notifications by selecting **Send test email**. + +7. Click **Save notification rule**. Here's an example email notification: ![Image of example email notification](images/atp-example-email-notification.png) -## Remove email recipients +## Edit a notification rule +1. Select the notification rule you'd like to edit. + +2. Update the General and Recipient tab information. + +3. Click **Save notification rule**. + + +## Delete notification rule + +1. Select the notification rule you'd like to delete. + +2. Click **Delete**. -1. Select the trash bin icon beside the email address you’d like to remove. -2. Click **Save preferences**. ## Troubleshoot email notifications for alerts This section lists various issues that you may encounter when using email notifications for alerts.