Reading Time: 2 minutes
Share:
Twitter
LinkedIn
Facebook
Reddit
Whatsapp
Follow by Email

In this quick how to guide, I am going to show you how to set up Azure Security Center to send you an email when a high severity security alert happens. This is a subscription level setting, so if you have more than one subscription make sure you make this change on them all.

Enough talk, lets get some email alerts!

In the Azure portal navigate to the Security Center. In here under Policy & Compliance on the left click Security policy.

Now click on the Edit settings > on the subscription you would like to set this setting on.

Click on Email notifications. Enter an Email Address and then under Email notification settings click on On for Send email notification for high severity alerts and then click Save.

And that’s it, you will now receive emails when High severity alerts happen in Azure Security Center. I hope you found this quick how to helpful. If you have any questions please reach out.

Share:
Twitter
LinkedIn
Facebook
Reddit
Whatsapp
Follow by Email

Pixel Robots.

I’m Richard Hooper aka Pixel Robots. I started this blog in 2016 for a couple reasons. The first reason was basically just a place for me to store my step by step guides, troubleshooting guides and just plain ideas about being a sysadmin. The second reason was to share what I have learned and found out with other people like me. Hopefully, you can find something useful on the site.

4 Comments

Rajashekar · August 28, 2019 at 10:46 am

Hello Richard,

The article is very helpful to configure the email notification for High severity alerts.
I want to know that can we can configure for medium alerts as well.

Thanks,
Rajashekar N.

    Pixel Robots. · September 2, 2019 at 5:25 pm

    Hello,

    The query I use is:

    SecurityAlert
    | where AlertSeverity == “Medium”
    | project TimeGenerated, DisplayName, AlertSeverity, Description, IsIncident, ExtendedProperties, RemediationSteps

    I then create an Azure Monitor alert to send an email when the number of results is greater than 0.

    Hope that helps. Perhaps i should do a blog post on this.

Valentijn Scholten · October 11, 2019 at 12:35 pm

When did you publish this blog (a article/blog should always display a creation date in my opinion).
Anyway, the above no longer works as the email configuration has moved to pricing&settings: https://docs.microsoft.com/en-us/azure/security-center/security-center-provide-security-contact-details

    Pixel Robots. · October 16, 2019 at 6:02 pm

    Hello, Thanks for the comment and sharing the link. The creation date is at the top of the page just under the heading. This post was published on February 27, 2019.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

I agree