MicrosoftDocs
diff --git a/‎articles/ddos-protection/alerts.md
Lines changed: 26 additions & 17 deletions b/‎articles/ddos-protection/alerts.md
Lines changed: 26 additions & 17 deletions
diff --git a/‎articles/ddos-protection/ddos-diagnostic-alert-templates.md
Lines changed: 4 additions & 4 deletions b/‎articles/ddos-protection/ddos-diagnostic-alert-templates.md
Lines changed: 4 additions & 4 deletions
diff --git a/‎articles/ddos-protection/media/manage-ddos-protection/ddos-alert.png renamed to ‎articles/ddos-protection/media/ddos-alerts/ddos-alert.png b/‎articles/ddos-protection/media/manage-ddos-protection/ddos-alert.png renamed to ‎articles/ddos-protection/media/ddos-alerts/ddos-alert.png
diff --git a/‎articles/ddos-protection/media/manage-ddos-protection/ddos-protection-alert-action-group-basics.png renamed to ‎articles/ddos-protection/media/ddos-alerts/ddos-protection-alert-action-group-basics.png b/‎articles/ddos-protection/media/manage-ddos-protection/ddos-protection-alert-action-group-basics.png renamed to ‎articles/ddos-protection/media/ddos-alerts/ddos-protection-alert-action-group-basics.png
diff --git a/‎articles/ddos-protection/media/manage-ddos-protection/ddos-protection-alert-action-group-notification.png renamed to ‎articles/ddos-protection/media/ddos-alerts/ddos-protection-alert-action-group-notification.png b/‎articles/ddos-protection/media/manage-ddos-protection/ddos-protection-alert-action-group-notification.png renamed to ‎articles/ddos-protection/media/ddos-alerts/ddos-protection-alert-action-group-notification.png
diff --git a/‎articles/ddos-protection/media/manage-ddos-protection/ddos-protection-alert-add-condition.png renamed to ‎articles/ddos-protection/media/ddos-alerts/ddos-protection-alert-add-condition.png b/‎articles/ddos-protection/media/manage-ddos-protection/ddos-protection-alert-add-condition.png renamed to ‎articles/ddos-protection/media/ddos-alerts/ddos-protection-alert-add-condition.png
diff --git a/‎articles/ddos-protection/media/manage-ddos-protection/ddos-protection-alert-details.png renamed to ‎articles/ddos-protection/media/ddos-alerts/ddos-protection-alert-details.png b/‎articles/ddos-protection/media/manage-ddos-protection/ddos-protection-alert-details.png renamed to ‎articles/ddos-protection/media/ddos-alerts/ddos-protection-alert-details.png
diff --git a/‎articles/ddos-protection/media/manage-ddos-protection/ddos-protection-alert-notification.png renamed to ‎articles/ddos-protection/media/ddos-alerts/ddos-protection-alert-notification.png b/‎articles/ddos-protection/media/manage-ddos-protection/ddos-protection-alert-notification.png renamed to ‎articles/ddos-protection/media/ddos-alerts/ddos-protection-alert-notification.png
diff --git a/‎articles/ddos-protection/media/manage-ddos-protection/ddos-protection-alert-page.png renamed to ‎articles/ddos-protection/media/ddos-alerts/ddos-protection-alert-page.png b/‎articles/ddos-protection/media/manage-ddos-protection/ddos-protection-alert-page.png renamed to ‎articles/ddos-protection/media/ddos-alerts/ddos-protection-alert-page.png
diff --git a/‎articles/ddos-protection/media/manage-ddos-protection/ddos-protection-alert-rule.png renamed to ‎articles/ddos-protection/media/ddos-alerts/ddos-protection-alert-rule.png b/‎articles/ddos-protection/media/manage-ddos-protection/ddos-protection-alert-rule.png renamed to ‎articles/ddos-protection/media/ddos-alerts/ddos-protection-alert-rule.png
@@ -4,17 +4,20 @@ description: Learn how to configure DDoS protection metric alerts for Azure DDoS
 services: ddos-protection
 author: AbdullahBell
 ms.service: ddos-protection
-ms.topic: how-to
+ms.topic: tutorial
 ms.custom: ignite-2022
 ms.workload: infrastructure-services
-ms.date: 01/30/2023
+ms.date: 08/07/2023
 ms.author: abell
 ---
 # Configure Azure DDoS Protection metric alerts through portal
 
-Azure DDoS Protection provides detailed attack insights and visualization with DDoS Attack Analytics. Customers protecting their virtual networks against DDoS attacks have detailed visibility into attack traffic and actions taken to mitigate the attack via attack mitigation reports & mitigation flow logs. Rich telemetry is exposed via Azure Monitor including detailed metrics during the duration of a DDoS attack. Alerting can be configured for any of the Azure Monitor metrics exposed by DDoS Protection. Logging can be further integrated with [Microsoft Sentinel](../sentinel/data-connectors/azure-ddos-protection.md), Splunk (Azure Event Hubs), OMS Log Analytics, and Azure Storage for advanced analysis via the Azure Monitor Diagnostics interface.
+DDoS Protection metrics alerts are an important step in alerting your team through Azure portal, email, SMS message, push, or voice notification when an attack is detected.
 
-In this article, you'll learn how to configure metrics alerts through Azure Monitor.
+In this tutorial, you learn how to:
+
+> [!div class="checklist"]
+> * Configure metrics alerts through Azure Monitor.
 
 
 ## Prerequisites
@@ -33,11 +36,11 @@ You can select any of the available Azure DDoS Protection metrics to alert you w
 
 1. Select **+ Create** on the navigation bar, then select **Alert rule**.
 
-    :::image type="content" source="./media/manage-ddos-protection/ddos-protection-alert-page.png" alt-text="Screenshot of creating Alerts.":::
+    :::image type="content" source="./media/ddos-alerts/ddos-protection-alert-page.png" alt-text="Screenshot of creating Alerts." lightbox="./media/ddos-alerts/ddos-protection-alert-page.png":::
 
 1. On the **Create an alert rule** page, select **+ Select scope**, then select the following information in the **Select a resource** page.
 
-    :::image type="content" source="./media/manage-ddos-protection/ddos-protection-alert-scope.png" alt-text="Screenshot of selecting DDoS Protection attack alert scope.":::
+    :::image type="content" source="./media/ddos-alerts/ddos-protection-alert-scope.png" alt-text="Screenshot of selecting DDoS Protection attack alert scope." lightbox="./media/ddos-alerts/ddos-protection-alert-scope.png":::
 
 
     | Setting | Value |
@@ -49,10 +52,10 @@ You can select any of the available Azure DDoS Protection metrics to alert you w
 1. Select **Done**, then select **Next: Condition**.
 1. On the **Condition** page, select **+ Add Condition**, then in the *Search by signal name* search box, search and select **Under DDoS attack or not**.
 
-    :::image type="content" source="./media/manage-ddos-protection/ddos-protection-alert-add-condition.png" alt-text="Screenshot of adding DDoS Protection attack alert condition.":::
+    :::image type="content" source="./media/ddos-alerts/ddos-protection-alert-add-condition.png" alt-text="Screenshot of adding DDoS Protection attack alert condition." lightbox="./media/ddos-alerts/ddos-protection-alert-add-condition.png":::
 
 1. In the **Create an alert rule** page, enter or select the following information. 
-  :::image type="content" source="./media/manage-ddos-protection/ddos-protection-alert-signal.png" alt-text="Screenshot of adding DDoS Protection attack alert signal.":::
+  :::image type="content" source="./media/ddos-alerts/ddos-protection-alert-signal.png" alt-text="Screenshot of adding DDoS Protection attack alert signal." lightbox="./media/ddos-alerts/ddos-protection-alert-signal.png":::
 
     | Setting | Value |
     |--|--|
@@ -69,7 +72,7 @@ You can select any of the available Azure DDoS Protection metrics to alert you w
 ### Create action group
 
 1. In the **Create action group** page, enter the following information, then select **Next: Notifications**.
-:::image type="content" source="./media/manage-ddos-protection/ddos-protection-alert-action-group-basics.png" alt-text="Screenshot of adding DDoS Protection attack alert action group basics.":::
+:::image type="content" source="./media/ddos-alerts/ddos-protection-alert-action-group-basics.png" alt-text="Screenshot of adding DDoS Protection attack alert action group basics." lightbox="./media/ddos-alerts/ddos-protection-alert-action-group-basics.png":::
 
     | Setting | Value |
     |--|--|
@@ -82,19 +85,19 @@ You can select any of the available Azure DDoS Protection metrics to alert you w
 
 1. On the *Notifications* tab, under *Notification type*, select **Email/SMS message/Push/Voice**. Under *Name*, enter **myUnderAttackEmailAlert**.
 
-    :::image type="content" source="./media/manage-ddos-protection/ddos-protection-alert-action-group-notification.png" alt-text="Screenshot of adding DDoS Protection attack alert notification type.":::
+    :::image type="content" source="./media/ddos-alerts/ddos-protection-alert-action-group-notification.png" alt-text="Screenshot of adding DDoS Protection attack alert notification type." lightbox="./media/ddos-alerts/ddos-protection-alert-action-group-notification.png":::
 
 
 1. On the *Email/SMS message/Push/Voice* page, select the **Email** check box, then enter the required email. Select **OK**.
 
-    :::image type="content" source="./media/manage-ddos-protection/ddos-protection-alert-notification.png" alt-text="Screenshot of adding DDoS Protection attack alert notification page.":::
+    :::image type="content" source="./media/ddos-alerts/ddos-protection-alert-notification.png" alt-text="Screenshot of adding DDoS Protection attack alert notification page." lightbox="./media/ddos-alerts/ddos-protection-alert-notification.png":::
 
 1. Select **Review + create** and then select **Create**.
 ### Continue configuring alerts through portal
 
 1. Select **Next: Details**. 
 
-     :::image type="content" source="./media/manage-ddos-protection/ddos-protection-alert-details.png" alt-text="Screenshot of adding DDoS Protection attack alert details page.":::
+     :::image type="content" source="./media/ddos-alerts/ddos-protection-alert-details.png" alt-text="Screenshot of adding DDoS Protection attack alert details page." lightbox="./media/ddos-alerts/ddos-protection-alert-details.png":::
 
 1. On the *Details* tab, under *Alert rule details*, enter the following information. 
 
@@ -107,7 +110,7 @@ You can select any of the available Azure DDoS Protection metrics to alert you w
 
 Within a few minutes of attack detection, you should receive an email from Azure Monitor metrics that looks similar to the following picture:
 
-:::image type="content" source="./media/manage-ddos-protection/ddos-alert.png" alt-text="Screenshot of a DDoS Attack Alert.":::
+:::image type="content" source="./media/ddos-alerts/ddos-alert.png" alt-text="Screenshot of a DDoS Attack Alert." lightbox="./media/ddos-alerts/ddos-alert.png":::
 
 You can also learn more about [configuring webhooks](../azure-monitor/alerts/alerts-webhooks.md?toc=%2fazure%2fvirtual-network%2ftoc.json) and [logic apps](../logic-apps/logic-apps-overview.md?toc=%2fazure%2fvirtual-network%2ftoc.json) for creating alerts.
 
@@ -116,15 +119,21 @@ You can keep your resources for the next tutorial. If no longer needed, delete t
 
 1. In the search box at the top of the portal, enter **Alerts**. Select **Alerts** in the search results.
 
-    :::image type="content" source="./media/manage-ddos-protection/ddos-protection-alert-rule.png" alt-text="Screenshot of Alerts page.":::
+    :::image type="content" source="./media/ddos-alerts/ddos-protection-alert-rule.png" alt-text="Screenshot of Alerts page." lightbox="./media/ddos-alerts/ddos-protection-alert-rule.png":::
 
 1. Select **Alert rules**. 
 
-     :::image type="content" source="./media/manage-ddos-protection/ddos-protection-delete-alert-rules.png" alt-text="Screenshot of Alert rules page.":::
+     :::image type="content" source="./media/ddos-alerts/ddos-protection-delete-alert-rules.png" alt-text="Screenshot of Alert rules page." lightbox="./media/ddos-alerts/ddos-protection-delete-alert-rules.png":::
 
 1. In the Alert rules page, select your subscription.
 1. Select the alerts created in this tutorial, then select **Delete**. 
 ## Next steps
 
-* [Test through simulations](test-through-simulations.md)
-* [View alerts in Microsoft Defender for Cloud](ddos-view-alerts-defender-for-cloud.md)
+In this tutorial you learned how to configure metric alerts through Azure portal.
+
+To configure diagnostic logging, continue to the next tutorial.
+
+> [!div class="nextstepaction"]
+> [Configure diagnostic logging](diagnostic-logging.md)
+> [Test through simulations](test-through-simulations.md)
+> [View alerts in Microsoft Defender for Cloud](ddos-view-alerts-defender-for-cloud.md)
@@ -39,7 +39,7 @@ The Azure Monitor alert rule template will run a query against the diagnostic lo
     [![Deploy to Azure](../media/template-deployments/deploy-to-azure.svg)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FAzure%2FAzure-Network-Security%2Fmaster%2FAzure%2520DDoS%2520Protection%2FAlert%2520-%2520DDOS%2520Mitigation%2520started%2520azure%2520monitor%2520alert%2FDDoSMitigationStarted.json)
 
 1. On the *Custom deployment* page, under *Project details*, enter the following information. 
-:::image type="content" source="./media/manage-ddos-protection/ddos-deploy-alert.png" alt-text="Screenshot of Azure Monitor alert rule template.":::
+:::image type="content" source="./media/ddos-diagnostic-alert-templates/ddos-deploy-alert.png" alt-text="Screenshot of Azure Monitor alert rule template." lightbox="./media/ddos-diagnostic-alert-templates/ddos-deploy-alert.png":::
 
     | Setting | Value |
     |--|--|
@@ -65,7 +65,7 @@ This DDoS Mitigation Alert Enrichment template deploys the necessary components
     [![Deploy to Azure](../media/template-deployments/deploy-to-azure.svg)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FAzure%2FAzure-Network-Security%2Fmaster%2FAzure%2520DDoS%2520Protection%2FAutomation%2520-%2520DDoS%2520Mitigation%2520Alert%2520Enrichment%2FEnrich-DDoSAlert.json)
 
 1. On the *Custom deployment* page, under *Project details*, enter the following information. 
-:::image type="content" source="./media/manage-ddos-protection/ddos-deploy-alert-logic-app.png" alt-text="Screenshot of DDoS Mitigation Alert Enrichment template.":::
+:::image type="content" source="./media/ddos-diagnostic-alert-templates/ddos-deploy-alert-logic-app.png" alt-text="Screenshot of DDoS Mitigation Alert Enrichment template." lightbox="./media/ddos-diagnostic-alert-templates/ddos-deploy-alert-logic-app.png":::
 
     | Setting | Value |
     |--|--|
@@ -84,11 +84,11 @@ You can keep your resources for the next guide. If no longer needed, delete the
 
 1. In the search box at the top of the portal, enter **Alerts**. Select **Alerts** in the search results.
 
-    :::image type="content" source="./media/manage-ddos-protection/ddos-protection-alert-rule.png" alt-text="Screenshot of Alerts page.":::
+    :::image type="content" source="./media/ddos-diagnostic-alert-templates/ddos-protection-alert-rule.png" alt-text="Screenshot of Alerts page." lightbox="./media/ddos-diagnostic-alert-templates/ddos-protection-alert-rule.png":::
 
 1. Select **Alert rules**, then in the Alert rules page, select your subscription.
 
-     :::image type="content" source="./media/manage-ddos-protection/ddos-protection-delete-alert-rules.png" alt-text="Screenshot of Alert rules page.":::
+     :::image type="content" source="./media/ddos-diagnostic-alert-templates/ddos-protection-delete-alert-rules.png" alt-text="Screenshot of Alert rules page." lightbox="./media/ddos-diagnostic-alert-templates/ddos-protection-delete-alert-rules.png":::
 
 1. Select the alerts created in this guide, then select **Delete**.