Work with Azure ATP health and events
Azure ATP health center
The Azure ATP health center lets you know how your Azure ATP instance is performing and alerts you when there are problems.
Working with the Azure ATP health center
The Azure ATP health center lets you know that there's a problem by raising an alert (a red dot) above the Health Center icon in the menu bar.
Managing Azure ATP health
To check up on the overall health of your Azure ATP instance, click the Health Center icon in the menu bar
All open issues can be managed by setting them to Close, or Suppress, by clicking the three dots in the corner of the alert and making your selection.
Open: All new suspicious activities appear in this list.
Close: Is used to track suspicious activities that you identified, researched, and fixed for mitigated.
Azure ATP may reopen a closed activity if the same activity is detected again within a short period of time.
Suppress: Suppressing an activity means you want to ignore it for now, and only be alerted again if there's a new instance. If there's a similar alert Azure ATP doesn't reopen it. But if the alert stops for seven days, and is then seen again, you're alerted again.
Reopen: You can reopen a closed or suppressed alert so that it appears as Open in the timeline again.
Delete: From within the security alert timeline, you also have the option to delete a health issue. If you Delete an alert, it is deleted from the instance and you will NOT be able to restore it. After you click delete, you'll be able to delete all security alerts of the same type.
We'd love to hear your thoughts. Choose the type you'd like to provide:
Our feedback system is built on GitHub Issues. Read more on our blog.