Comments (3)
@Ziy-sws - I am not sure this is currently possible, but the idea is sound. Alert suppression based on AlertId or UserId or HostName and so on seems to make sense. I will have one of the PMs review the issue and comment. Thanks for the question.
from azure-sentinel.
Thank you!
@Ziy-sws - Thanks for the feedback. Complete alert suppression based on properties is in our plans.
In the interim, you can leverage the new Alert Grouping feature, which is in Public Preview, for your use case.