From bdce718e98140a034591b59d30a183d1639f25b6 Mon Sep 17 00:00:00 2001
From: ImranHabib <47118050+joinimran@users.noreply.github.com>
Date: Thu, 21 Mar 2019 15:17:24 +0500
Subject: [PATCH] Update
 manage-alerts-windows-defender-advanced-threat-protection.md

---
 ...-alerts-windows-defender-advanced-threat-protection.md | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/windows/security/threat-protection/windows-defender-atp/manage-alerts-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/manage-alerts-windows-defender-advanced-threat-protection.md
index 56f599b483..4ee7568546 100644
--- a/windows/security/threat-protection/windows-defender-atp/manage-alerts-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/manage-alerts-windows-defender-advanced-threat-protection.md
@@ -69,6 +69,14 @@ Create custom rules to control when alerts are suppressed, or resolved. You can
 
 2.  Select **Create a supression rule**.
 
+    You can create supression rule based on the following attributes.
+    
+    * File hash 
+    * File name - wild card supported
+    * File path - wild card supported
+    * IP
+    * URL - wild card supported
+
 3. Select the **Trigerring IOC**.
     
 4. Specify the action and scope on the alert. <br>