articles/defender-for-iot/device-builders/tutorial-investigate-security-alerts.md
Lines changed: 8 additions & 8 deletions
@@ -27,15 +27,15 @@ In this tutorial you'll learn how to:
27
27
28
28
- You must have [enabled Microsoft Defender for IoT on your Azure IoT Hub](quickstart-onboard-iot-hub.md).
29
29
30
-
- You must have [added a resource group to your IoT solution](quickstart-configure-your-solution.md)
30
+
- You must have [added a resource group to your IoT solution](quickstart-configure-your-solution.md).
31
31
32
32
- You must have [created a Defender for IoT micro agent module twin](quickstart-create-micro-agent-module-twin.md).
33
33
34
-
- You must have [installed the Defender for IoT micro agent](quickstart-standalone-agent-binary-installation.md)
34
+
- You must have [installed the Defender for IoT micro agent](quickstart-standalone-agent-binary-installation.md).
35
35
36
-
- You must have [configured the Microsoft Defender for IoT agent-based solution](how-to-configure-agent-based-solution.md)
36
+
- You must have [configured the Microsoft Defender for IoT agent-based solution](how-to-configure-agent-based-solution.md).
37
37
38
-
- Learned how to [investigate security recommendations](quickstart-investigate-security-recommendations.md)
38
+
- Learned how to [investigate security recommendations](quickstart-investigate-security-recommendations.md).
39
39
40
40
## Investigate security alerts
41
41
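Review bot: The last prerequisite, "Learned how to [investigate security recommendations]...", is still not parallel with the items above it, which all begin with "You must have". Since this hunk already edits that line to add the period, consider rewording it in the same change to "You must have learned how to [investigate security recommendations](quickstart-investigate-security-recommendations.md)."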
@@ -51,7 +51,7 @@ The Defender for IoT security alert list displays all of the aggregated security
51
51
52
52
## Investigate security alert details
53
53
54
-
Opening each aggregated alert displays the detailed alert description, remediation steps, and device ID for each device that triggered an alert. The alert severity, and direct investigation is accessible using Log Analytics.
54
+
Opening each aggregated alert displays the detailed alert description, remediation steps, and device ID for each device that triggered an alert. The alert severity and direct investigation is accessible using Log Analytics.
55
55
56
56
**To investigate security alert details**:
57
57
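Review bot: In the changed sentence under "Investigate security alert details", removing the comma turns "The alert severity and direct investigation" into a compound subject, so "is accessible" no longer agrees with it. Use "are accessible using Log Analytics", or reword the sentence so it is clear which of the two is reached through Log Analytics.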
@@ -61,15 +61,15 @@ Opening each aggregated alert displays the detailed alert description, remediati
61
61
62
62
1. Select any security alert from the list to open it.
63
63
64
-
1. Review the alert **description**, **severity**, **source of the detection**, **device details** of all devices that issued this alert in the aggregation period.
64
+
1. Review the alert **description**, **severity**, **source of the detection**, and **device details** of all devices that issued this alert in the aggregation period.
65
65
66
66
:::image type="content" source="media/quickstart/drill-down-iot-alert-details.png" alt-text="Investigate and review the details of each device in an aggregated alert." lightbox="media/quickstart/drill-down-iot-alert-details-expanded.png":::
67
67
68
-
1. After reviewing the alert specifics, use the **manual remediation step** instructions to help remediate, and resolve the issue that caused the alert.
68
+
1. After reviewing the alert specifics, use the **manual remediation step** instructions to help remediate and resolve the issue that caused the alert.
69
69
70
70
:::image type="content" source="media/quickstart/iot-alert-manual-remediation-steps.png" alt-text="Follow the manual remediation steps to help resolve or remediate your device security alerts":::
71
71
72
-
## Investigate alerts in Log Analytics workspace
72
+
## Investigate alerts in your Log Analytics workspace
73
73
74
74
You can access your alerts and investigate them with the Log Analytics workspace.
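Review bot: Renaming the heading to "## Investigate alerts in your Log Analytics workspace" changes the anchor generated from it, so any links that point at the old heading's fragment should be checked and updated as part of this change. The sentence directly below still says "with the Log Analytics workspace"; consider aligning it with the new heading wording ("your Log Analytics workspace") for consistency.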