View Azure DDoS Protection alerts in Microsoft Defender for Cloud
Microsoft Defender for Cloud provides a list of security alerts, with information to help investigate and remediate problems. With this feature, you get a unified view of alerts - including DDoS attack-related alerts - and the actions to take to mitigate the attack.
In this tutorial, you learn how to:
- View Azure DDoS Protection alerts in Microsoft Defender for Cloud.
There are two specific alerts that you'll see for any DDoS attack detection and mitigation:
- DDoS Attack detected for Public IP: This alert is generated when the DDoS protection service detects that one of your public IP addresses is the target of a DDoS attack.
- DDoS Attack mitigated for Public IP: This alert is generated when an attack on the public IP address has been mitigated.
To view the alerts, open Defender for Cloud in the Azure portal and select Security alerts. The following screenshot shows an example of the DDoS attack alerts.
Prerequisites
- An Azure account with an active subscription. Create an account for free.
- DDoS Network Protection must be enabled on a virtual network or DDoS IP Protection must be enabled on a public IP address.
View alerts in Microsoft Defender for Cloud
Sign in to the Azure portal.
In the search box at the top of the portal, enter Microsoft Defender for Cloud. Select Microsoft Defender for Cloud from the search results.
From the side menu, select Security alerts. To filter the alerts list, select your subscription, or any of the relevant filters. You can optionally add filters with the Add filter option.
The alerts include general information about the public IP address that’s under attack, geo and threat intelligence information, and remediation steps.
Next steps
In this tutorial you learned how to view DDoS protection alerts in Microsoft Defender for Cloud. To learn more about the recommended steps to take when you receive an alert, see these next steps.
Phản hồi
https://aka.ms/ContentUserFeedback.
Sắp ra mắt: Trong năm 2024, chúng tôi sẽ dần gỡ bỏ Sự cố với GitHub dưới dạng cơ chế phản hồi cho nội dung và thay thế bằng hệ thống phản hồi mới. Để biết thêm thông tin, hãy xem:Gửi và xem ý kiến phản hồi dành cho