How do I configure alert for consecutive failed logins to MS services and consecutive login attempts blocked by conditional access policies configured in AAD?
Example for MS services referred in the question: azure portal, email, M365 portal
I do not wish to set up alert for failed login attempts for specific users/ IP.
You should consider assigning a license that includes Identity Protection to any person who logs on to an administrative console/portal. https://learn.microsoft.com/en-us/azure/active-directory/identity-protection/overview-identity-protection
Smart lockout is also available to reduce the risk for the identity scenarios you mention. https://learn.microsoft.com/en-us/azure/active-directory/authentication/howto-password-smart-lockout.
What kind of alert were you proposing? Email notification?
Sign in to comment