From 86ee7181ca113df6e49751b05a8e10686bb8b47f Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Thu, 8 Mar 2018 19:03:14 -0800 Subject: [PATCH] update toc and settings pages --- windows/security/threat-protection/TOC.md | 22 +++--- ...ows-defender-advanced-threat-protection.md | 70 +++++++++++++++++++ ...ows-defender-advanced-threat-protection.md | 6 +- ...ows-defender-advanced-threat-protection.md | 14 ++-- 4 files changed, 94 insertions(+), 18 deletions(-) create mode 100644 windows/security/threat-protection/windows-defender-atp/configure-automation-notifications-windows-defender-advanced-threat-protection.md diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md index 5930ae90e0..b73124aca3 100644 --- a/windows/security/threat-protection/TOC.md +++ b/windows/security/threat-protection/TOC.md @@ -179,15 +179,21 @@ ##### [Inactive machines](windows-defender-atp\fix-unhealhty-sensors-windows-defender-advanced-threat-protection.md#inactive-machines) ##### [Misconfigured machines](windows-defender-atp\fix-unhealhty-sensors-windows-defender-advanced-threat-protection.md#misconfigured-machines) #### [Check service health](windows-defender-atp\service-status-windows-defender-advanced-threat-protection.md) -### [Configure Windows Defender ATP preferences settings](windows-defender-atp\preferences-setup-windows-defender-advanced-threat-protection.md) -#### [Update general settings](windows-defender-atp\general-settings-windows-defender-advanced-threat-protection.md) -#### [Enable advanced features](windows-defender-atp\advanced-features-windows-defender-advanced-threat-protection.md) -#### [Enable preview experience](windows-defender-atp\preview-settings-windows-defender-advanced-threat-protection.md) -#### [Configure email notifications](windows-defender-atp\configure-email-notifications-windows-defender-advanced-threat-protection.md) -#### [Enable SIEM integration](windows-defender-atp\enable-siem-integration-windows-defender-advanced-threat-protection.md) -#### [Enable Threat intel API](windows-defender-atp\enable-custom-ti-windows-defender-advanced-threat-protection.md) +### [Configure Windows Defender ATP Settings](windows-defender-atp\preferences-setup-windows-defender-advanced-threat-protection.md) +####General +#### [Data retention](windows-defender-atp\general-settings-windows-defender-advanced-threat-protection.md) +#### [Configure alert notifications](windows-defender-atp\configure-email-notifications-windows-defender-advanced-threat-protection.md) +#### [Configure automation notifications](windows-defender-atp\configure-automation-notifications-windows-defender-advanced-threat-protection.md) #### [Enable and create Power BI reports using Windows Defender ATP data](windows-defender-atp\powerbi-reports-windows-defender-advanced-threat-protection.md) -#### [Enable Security Analytics security controls](windows-defender-atp\enable-security-analytics-windows-defender-advanced-threat-protection.md) +#### [Enable Secure score security controls](windows-defender-atp\enable-security-analytics-windows-defender-advanced-threat-protection.md) +#### [Configure advanced features](windows-defender-atp\advanced-features-windows-defender-advanced-threat-protection.md) +####Permissions +####APIs +#### [Enable Threat intel](windows-defender-atp\enable-custom-ti-windows-defender-advanced-threat-protection.md) +#### [Enable SIEM integration](windows-defender-atp\enable-siem-integration-windows-defender-advanced-threat-protection.md) +####Rules + + #### [Configure Windows Defender ATP time zone settings](windows-defender-atp\settings-windows-defender-advanced-threat-protection.md) ### [Access the Windows Defender ATP Community Center](windows-defender-atp\community-windows-defender-advanced-threat-protection.md) diff --git a/windows/security/threat-protection/windows-defender-atp/configure-automation-notifications-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/configure-automation-notifications-windows-defender-advanced-threat-protection.md new file mode 100644 index 0000000000..c70e5225de --- /dev/null +++ b/windows/security/threat-protection/windows-defender-atp/configure-automation-notifications-windows-defender-advanced-threat-protection.md @@ -0,0 +1,70 @@ +--- +title: Configure automation notifications in Windows Defender ATP +description: Send automation notifications to specified recipients to receive emails based on certain conditions +keywords: automation notifications, configure automation notifications, incrimination result, asset group, investigation status +search.product: eADQiWindows 10XVcnh +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: security +ms.author: macapara +author: mjcaparas +ms.localizationpriority: high +ms.date: 04/16/2018 +--- + +# Configure automation notifications in Windows Defender ATP + +**Applies to:** + +- Windows 10 Enterprise +- Windows 10 Education +- Windows 10 Pro +- Windows 10 Pro Education +- Windows Defender Advanced Threat Protection (Windows Defender ATP) + +[!include[Prerelease information](prerelease.md)] + +>Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-automationnotifcations-abovefoldlink) + +You can configure Windows Defender ATP to send automation notifications to specified recipients based on certain conditions that you define. This feature enables you to identify a group of individuals who will immediately be informed and can act on automation notifications. + +> [!NOTE] +> Only users with full access can configure automation notifications. + + +## Set up automation notification rules + +1. In the navigation pane, select **Settings** > **General** > **Automation notifications**. +2. Click **New notification rule**. +3. Enter a rule name, email address, and select the condition for when the notification will be sent. + + >[!NOTE] + >You can add multiple email addresses and conditions. + + The following conditions are supported: + - Asset groups + - Investigation status + - Remediation type + - Incrimination result + +4. Click **Save notification rule**. + + +## Edit an automation notification rule + +1. Click **Edit rule**. +2. Update the name of the rule, or recipients, or conditions. +3. Click **Save notification rule**. + +## Delete an automation notification rule +1. Click **Delete rule**. +2. Confirm that you want to delete the rule. + +## Related topics +- [Update general settings in Windows Defender ATP](general-settings-windows-defender-advanced-threat-protection.md) +- [Turn on advanced features in Windows Defender ATP](advanced-features-windows-defender-advanced-threat-protection.md) +- [Turn on the preview experience in Windows Defender ATP](preview-settings-windows-defender-advanced-threat-protection.md) +- [Enable SIEM integration in Windows Defender ATP](enable-siem-integration-windows-defender-advanced-threat-protection.md) +- [Enable the custom threat intelligence API in Windows Defender ATP](enable-custom-ti-windows-defender-advanced-threat-protection.md) +- [Create and build Power BI reports](powerbi-reports-windows-defender-advanced-threat-protection.md) \ No newline at end of file diff --git a/windows/security/threat-protection/windows-defender-atp/configure-email-notifications-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/configure-email-notifications-windows-defender-advanced-threat-protection.md index 75e3a9574d..3fe7d8bf20 100644 --- a/windows/security/threat-protection/windows-defender-atp/configure-email-notifications-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/configure-email-notifications-windows-defender-advanced-threat-protection.md @@ -1,5 +1,5 @@ --- -title: Configure email notifications in Windows Defender ATP +title: Configure alert notifications in Windows Defender ATP description: Send email notifications to specified recipients to receive new alerts based on severity with Windows Defender ATP on Windows 10 Enterprise, Pro, and Education editions. keywords: email notifications, configure alert notifications, windows defender atp notifications, windows defender atp alerts, windows 10 enterprise, windows 10 education search.product: eADQiWindows 10XVcnh @@ -13,7 +13,7 @@ ms.localizationpriority: high ms.date: 04/16/2018 --- -# Configure email notifications in Windows Defender ATP +# Configure alert notifications in Windows Defender ATP **Applies to:** @@ -41,7 +41,7 @@ The email notification includes basic information about the alert and a link to ## Set up email notifications for alerts The email notifications feature is turned off by default. Turn it on to start receiving email notifications. -1. On the navigation pane, select **Settings** > **Email Notifications**. +1. In the navigation pane, select **Settings** > **General** > **Alert notifications**. 2. Toggle the setting between **On** and **Off**. 3. Select the alert severity level that you’d like your recipients to receive: - **High** – Select this level to send notifications for high-severity alerts. diff --git a/windows/security/threat-protection/windows-defender-atp/general-settings-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/general-settings-windows-defender-advanced-threat-protection.md index 9a829d8d92..d188f90ee9 100644 --- a/windows/security/threat-protection/windows-defender-atp/general-settings-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/general-settings-windows-defender-advanced-threat-protection.md @@ -1,7 +1,7 @@ --- -title: Update general Windows Defender Advanced Threat Protection settings -description: Update your general Windows Defender Advanced Threat Protection settings such as data retention or industry after onboarding. -keywords: general settings, settings, update settings +title: Update data retention settings for Windows Defender Advanced Threat Protection +description: Update data retention settings by selecting between 30 days to 180 days. +keywords: data storage settings, retention, update settings search.product: eADQiWindows 10XVcnh ms.prod: w10 ms.mktglfcycl: deploy @@ -12,7 +12,7 @@ author: mjcaparas ms.localizationpriority: high ms.date: 04/16/2018 --- -# Update general Windows Defender ATP settings +# Update data storage and retention settings for Windows Defender ATP **Applies to:** @@ -26,11 +26,11 @@ ms.date: 04/16/2018 >Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-gensettings-abovefoldlink) -During the onboarding process, a wizard takes you through the general settings of Windows Defender ATP. After onboarding, you might want to update some settings which you'll be able to do through the **Settings** menu. +During the onboarding process, a wizard takes you through the general settings of Windows Defender ATP. After onboarding, you might want to update the data retention settings. -1. In the navigation pane, select **Settings** > **General**. +1. In the navigation pane, select **Settings** > **General** > **Data rention**. -2. Modify settings such as data retention policy or the industry that best describes your organization. +2. Select the data retention duration from the drop-down list. > [!NOTE] > Other settings are not editable.