Skip to content

Commit 6936062

Browse files
authored
Merge branch 'main' into docs-editor/live-response-1736368750
2 parents 6084bc4 + aecbbaf commit 6936062

10 files changed

+467
-559
lines changed

defender-xdr/TOC.yml

Lines changed: 390 additions & 446 deletions
Large diffs are not rendered by default.

defender-xdr/configure-asset-rules.md

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
---
2-
title: Asset rule management - Dynamic rules
3-
description: You can use Microsoft Defender for Endpoint to configure dynamic tagging
2+
title: Create dynamic rules for devices in asset rule management
3+
description: Use asset rule management in Microsoft Defender for Endpoint to configure dynamic tagging for devices.
44
ms.service: defender-xdr
55
ms.author: deniseb
66
author: denisebmsft
@@ -15,7 +15,7 @@ search.appverid: met150
1515
ms.date: 01/02/2025
1616
---
1717

18-
# Asset rule management - Dynamic rules for devices
18+
# Create dynamic rules for devices in asset rule management
1919

2020
> [!IMPORTANT]
2121
> Some information in this article relates to prereleased products/services that might be substantially modified before they are commercially released. Microsoft makes no warranties, express or implied, for the information provided here.

defender-xdr/configure-email-notifications.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
---
2-
title: Configure alert notifications in Microsoft Defender XDR
2+
title: Configure alert notifications
33
description: You can use Microsoft Defender for Endpoint to configure email notification settings for security alerts, based on severity and other criteria.
44
ms.service: defender-xdr
55
ms.author: diannegali
@@ -15,7 +15,7 @@ search.appverid: met150
1515
ms.date: 07/08/2024
1616
---
1717

18-
# Configure alert notifications in Microsoft Defender XDR
18+
# Configure alert notifications
1919

2020
[!INCLUDE [Microsoft Defender XDR rebranding](../includes/microsoft-defender.md)]
2121

defender-xdr/export-incidents-queue.md

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -27,6 +27,7 @@ ms.date: 07/11/2022
2727

2828

2929
**Applies to:**
30+
3031
- Microsoft Defender XDR
3132

3233
The **Export** feature allows you to export the data in the incident queue that is displayed according to the applied filters and time ranges. It's available in the form of a button named **Export**, as displayed in the following screenshot:
@@ -42,7 +43,8 @@ For example, for the data on the CSV file, you can apply filters to view the fol
4243
- Data regarding who is your most productive analyst.
4344

4445
> [!NOTE]
45-
> The maximum number of records you can export to a CSV file is 10,000.
46+
> The maximum number of records you can export to a CSV file is 10,000.
4647
4748
If you have thoughts or suggestions about the new **Export** feature (the **Export** button) for the incident queue, contact Microsoft team or send your feedback through the Microsoft Defender portal.
49+
4850
[!INCLUDE [Microsoft Defender XDR rebranding](../includes/defender-m3d-techcommunity.md)]

defender-xdr/incident-queue.md

Lines changed: 13 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@ ms.topic: conceptual
1818
search.appverid:
1919
- MOE150
2020
- MET150
21-
ms.date: 01/06/2025
21+
ms.date: 01/10/2025
2222
appliesto:
2323
- Microsoft Defender XDR
2424
- Microsoft Sentinel in the Microsoft Defender portal
@@ -51,6 +51,17 @@ The incident queue has customizable columns that give you visibility into differ
5151

5252
:::image type="content" source="/defender/media/incidents-queue/incidents-ss-incidents-3.png" alt-text="Screenshot of Incident page filter and column controls." lightbox="/defender/media/incidents-queue/incidents-ss-incidents-3.png":::
5353

54+
The **Export** feature allows you to export the data in the incident queue that is displayed according to the applied filters and time ranges. It's available in the form of a button named **Export**, as displayed in the following screenshot:
55+
56+
:::image type="content" source="/defender/media/defender/incidents-queue-with-export-button.png" alt-text="Shows the Export button in the Incidents page of the Microsoft Defender portal":::
57+
58+
When you click the **Export** button, the data is exported to a CSV file. You can apply various filters and time ranges to the incidents queue (not just in the context of exporting the data, but in a generic context). When you select **Export**, whichever filters and/or time ranges are applied to the incidents queue, such data is exported to the CSV file.
59+
60+
Once you export the incidents queue-related data onto the CSV file, you can analyze the data and filter it further, based on your requirements.
61+
62+
> [!NOTE]
63+
> The maximum number of records you can export to a CSV file is 10,000.
64+
5465
### Incident names
5566

5667
For more visibility at a glance, Microsoft Defender XDR generates incident names automatically, based on alert attributes such as the number of endpoints affected, users affected, detection sources, or categories. This specific naming allows you to quickly understand the scope of the incident.
@@ -86,7 +97,7 @@ You can do the following actions in the series of cards that appear in Defender
8697

8798
To reopen Defender Boxed, go to the Incidents queue and then select **Your Defender Boxed** on the right side of the pane.
8899

89-
:::image type="content" source="/defender/media/defender-boxed/defender-boxed-incident-small.png" alt-text="Screenshot of Defender Boxed slide with the save option highlighted." lightbox="/defender/media/defender-boxed/defender-boxed-incident.png":::
100+
:::image type="content" source="/defender/media/defender-boxed/defender-boxed-incident-small.png" alt-text="Screenshot of the Defender Boxed option highlighted in the Incidents page." lightbox="/defender/media/defender-boxed/defender-boxed-incident.png":::
90101

91102
## Filters <a name="available-filters"></a>
92103

defender-xdr/m365d-notifications-incidents.md

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
---
2-
title: Get incident notifications by email in Microsoft Defender XDR
3-
description: Set up email notifications to get notified of new incidents or updates to incidents in Microsoft Defender XDR.
2+
title: Get incident notifications by email
3+
description: Set up email notifications to get notified of new incidents or updates to incidents in the Microsoft Defender portal.
44
ms.service: defender-xdr
55
f1.keywords:
66
- NOCSH
@@ -19,7 +19,7 @@ search.appverid:
1919
ms.date: 07/08/2024
2020
---
2121

22-
# Get incident notifications by email in Microsoft Defender XDR
22+
# Get incident notifications by email
2323

2424
[!INCLUDE [Microsoft Defender XDR rebranding](../includes/microsoft-defender.md)]
2525

defender-xdr/m365d-remediation-actions.md

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
---
2-
title: Remediation actions in Microsoft Defender XDR
3-
description: Get an overview of remediation actions that follow automated investigations in Microsoft Defender XDR
2+
title: Get notified about remediation actions
3+
description: Get an overview of remediation actions that follow automated investigations in the Microsoft Defender portal
44
search.appverid: met150
55
ms.service: defender-xdr
66
f1.keywords:
@@ -19,7 +19,7 @@ ms.reviewer: evaldm, isco
1919
ms.date: 08/06/2024
2020
---
2121

22-
# Remediation actions in Microsoft Defender XDR
22+
# Get notified about remediation actions
2323

2424
[!INCLUDE [Microsoft Defender XDR rebranding](../includes/microsoft-defender.md)]
2525

defender-xdr/m365d-threat-analytics-notifications.md

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
---
2-
title: Get email notifications for Threat analytics updates in Microsoft Defender XDR
2+
title: Get email notifications for Threat analytics updates
33
ms.reviewer:
44
description: Set up email notifications to get notified of new Threat analytics reports in Microsoft Defender XDR.
55
ms.service: defender-xdr
@@ -20,15 +20,15 @@ search.appverid: met150
2020
ms.date: 03/28/2024
2121
---
2222

23-
# Get email notifications for Threat analytics updates in Microsoft Defender XDR
23+
# Get email notifications for Threat analytics updates
2424

2525
[!INCLUDE [Microsoft Defender XDR rebranding](../includes/microsoft-defender.md)]
2626

2727
**Applies to:**
2828

2929
- Microsoft Defender XDR
3030

31-
You can set up email notifications that will send you updates on [threat analytics](threat-analytics.md) reports.
31+
You can set up email notifications that sends you updates on [threat analytics](threat-analytics.md) reports.
3232

3333
## Set up email notifications for report updates
3434

0 commit comments

Comments
 (0)