Alerts_Activate_Action_Microsoft Azure_General

Supported also on

Edit Event

Edit Event

Edit Event

Visitor

Admin Panel

Edit Event Details

Edit fields and audit list

–

Alert

Alerts Activate Action (Microsoft.Security/locations/alerts/activate/action)

SK4 unified event:

Connector/Service

Microsoft Azure/General

SK4 Version:

2.3.80

Created Date:

Tue Apr 16 2019 06:51:12 GMT+0000 (Coordinated Universal Time)

Last Update:

Tue Jun 18 2019 11:10:56 GMT+0000 (Coordinated Universal Time)

Category

Security Alert

Description

An alert was raised due to alert rule. Check severity and rule's name for more details.

Search query

SPLUNK

cef_vendor="skyformation" cef_name="general-alert" destinationServiceName="Azure" sourceServiceName="azure"

Parsed CEF

SkyFormation Header Data Columns

Unparsed raw data

Expand to see an example...

Audit sources