Share via

From MS 365 Defender, how can I suppress a custom alerts that is has the source MDO?

Nicole McCabe 1 Reputation point
2022-06-30T21:58:30.073+00:00

I'm new to a company and am reviewing the alerts that have been put in place by a long-since-gone employee. There are a couple custom alerts that have crazy names - just garbled mixture of letters and numbers, but have no description - the only thing known about them is that they have a medium severity and the date they were modified - and that they generate lots of alerts. I would like to suppress them for now, but do not see a way how to do that. If I click the elipses to the right of the alerts and select edit, there is no suppression option. I looked at other alerts we have in place with different sources, and they allow suppression. I also tried to go to the protection.office.,com portal to see if alerts could be suppressed from that console, but it redirected me to the same MS 365 Defender page for Policies & rules. I checked and there is no way to turn off the redirection.

Is there any way to suppress these types of alerts?

Any help is much appreciated!

Microsoft Identity Manager
Microsoft Identity Manager
A family of Microsoft products that manage a user's digital identity using identity synchronization, certificate management, and user provisioning.
756 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. David Broggy 6,101 Reputation points MVP
    2022-07-01T05:01:17.197+00:00

    Hi there,
    In the alert view there is a column named ‘Detection Source’ - eg. Defender for Identity, Defender for Cloud Apps, etc.
    That should help you identify where the alert was generated from.
    Then you can go to that security portal and begin investigating the alert source.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.