Creating suppression rules
The Security Alerts list can sometimes contain alerts that might not be relevant to you and that you don't want to be on the list. Typical reasons you would want to suppress alerts are alerts being triggered too often or if there are many false positives. In these cases, you might want to declutter the Security Alerts list, so you can focus on more relevant and important alerts.
In this recipe, you will learn how to create alert suppression rules, to temporarily suppress and remove alerts from the Security Alerts list.
Getting ready
Open a web browser and navigate to https://portal.azure.com.
How to do it
To create a suppression rule in Microsoft Defender for Cloud for a specific security alert, take the following steps:
- In the Azure portal, open Microsoft Defender for Cloud.
- On the left menu, click Security alerts.
- Select a security alert you want to create a suppression rule for. The details pane opens on the right...