deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-21 13:23:36 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Update automated-investigations.md

Browse Source
This commit is contained in:
Denise Vangel-MSFT
2021-01-27 15:56:18 -08:00
parent 55efa3697e
commit c161a55cad
1 changed files with 5 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
windows/security/threat-protection/microsoft-defender-atp/automated-investigations.md
View File

@ -58,9 +58,11 @@ During and after an automated investigation, you can view details about the inve
|Tab |Description |
|:--|:--|
|**Alerts**| The alert(s) that started the investigation.|
|**Devices** |The device(s) where the threat was seen.|
|**Evidence** |The entities that were found to be malicious during an investigation.|
|**Alerts**| The alert(s) that started the investigation. |
|**Devices** |The device(s) that are impacted by the threat. |
|**Mailboxes** |The mailbox(s) that are impacted by the threat |
|**Users** | The user account(s) that are impacted by the threat |
|**Evidence** |The evidences raised by alerts/investigations, with verdicts (*Malicious*, *Suspicious*, or *No threats found*, along with remediation status. |
|**Entities** |Details about each analyzed entity, including a determination for each entity type (*Malicious*, *Suspicious*, or *No threats found*). |
|**Log** |The chronological, detailed view of all the investigation actions taken on the alert.|
|**Pending actions** |If there are any actions awaiting approval as a result of the investigation, the **Pending actions** tab is displayed. On the **Pending actions** tab, you can approve or reject each action. |