Configure email notifications for security alerts
Security alerts need to reach the right people in your organization. By default, Security Center emails subscription owners whenever a high-severity alert is triggered for their subscription. This page explains how to customize these notifications.
To define your own preferences for notification emails, Azure Security Center's Email notifications settings page lets you choose:
- who should be notified - Emails can be sent to select individuals or to anyone with a specified Azure role for a subscription.
- what they should be notified about - Modify the severity levels for which Security Center should send out notifications.
To avoid alert fatigue, Security Center limits the volume of outgoing mails. For each subscription, Security Center sends:
- a maximum of four emails per day for high-severity alerts
- a maximum of two emails per day for medium-severity alerts
- a maximum of one email per day for low-severity alerts
|Release state:||Generally available (GA)|
|Required roles and permissions:||Security Admin
|Clouds:|| Commercial clouds
National/Sovereign (US Gov, China Gov, Other Gov)
You can send email notifications to individuals or to all users with specific Azure roles.
From Security Center's Pricing & settings area, select the relevant subscription, and select Email notifications.
Define the recipients for your notifications with one or both of these options:
- From the dropdown list, select from the available roles.
- Enter specific email addresses separated by commas. There's no limit to the number of email addresses that you can enter.
To apply the security contact information to your subscription, select Save.
To learn more about security alerts, see the following pages:
- Security alerts - a reference guide--Learn about the security alerts you might see in Azure Security Center's Threat Protection module
- Manage and respond to security alerts in Azure Security Center--Learn how to manage and respond to security alerts
- Automate responses to Security Center triggers--Use automation to respond to Security Center triggers with custom notification logic