Quick How To: Azure Security Center Send Email For High Severity Alerts

Published by Pixel Robots. on

Reading Time: 2 minutes

In this quick how to guide, I am going to show you how to set up Azure Security Center to send you an email when a high severity security alert happens. This is a subscription level setting, so if you have more than one subscription make sure you make this change on them all.

Enough talk, lets get some email alerts!

In the Azure portal navigate to the Security Center. In here under Policy & Compliance on the left click Security policy.

Now click on the Edit settings > on the subscription you would like to set this setting on.

Click on Email notifications. Enter an Email Address and then under Email notification settings click on On for Send email notification for high severity alerts and then click Save.

And that’s it, you will now receive emails when High severity alerts happen in Azure Security Center. I hope you found this quick how to helpful. If you have any questions please reach out.

Categories: AzureSecurity
Tags:

Pixel Robots.

I’m Richard Hooper aka Pixel Robots. I started this blog in 2016 for a couple reasons. The first reason was basically just a place for me to store my step by step guides, troubleshooting guides and just plain ideas about being a sysadmin. The second reason was to share what I have learned and found out with other people like me. Hopefully, you can find something useful on the site.

5 Comments

Rajashekar · August 28, 2019 at 10:46 am

Hello Richard,

The article is very helpful to configure the email notification for High severity alerts.
I want to know that can we can configure for medium alerts as well.

Thanks,
Rajashekar N.

Reply

    Pixel Robots. · September 2, 2019 at 5:25 pm

    Hello,

    The query I use is:

    SecurityAlert
    | where AlertSeverity == “Medium”
    | project TimeGenerated, DisplayName, AlertSeverity, Description, IsIncident, ExtendedProperties, RemediationSteps

    I then create an Azure Monitor alert to send an email when the number of results is greater than 0.

    Hope that helps. Perhaps i should do a blog post on this.

    Reply

Valentijn Scholten · October 11, 2019 at 12:35 pm

When did you publish this blog (a article/blog should always display a creation date in my opinion).
Anyway, the above no longer works as the email configuration has moved to pricing&settings: https://docs.microsoft.com/en-us/azure/security-center/security-center-provide-security-contact-details

Reply

    Pixel Robots. · October 16, 2019 at 6:02 pm

    Hello, Thanks for the comment and sharing the link. The creation date is at the top of the page just under the heading. This post was published on February 27, 2019.

    Reply

    Ian Currie · November 29, 2019 at 10:27 am

    ermm… The creation date is at the header in the yellow bit at the top of the page – says…
    Published by Pixel Robots. on February 27, 2019

    Reply

Leave a Reply

Avatar placeholder

Your email address will not be published. Required fields are marked *

Related Posts

AKS

Introducing the AKS Security Dashboard: Now in Preview

Reading Time: 2 minutesAzure Kubernetes Service (AKS) has rolled out a new feature in preview: the AKS Security Dashboard. This dashboard centralizes security insights, making it easier for cluster administrators and resource owners to identify and address vulnerabilities Read more…

AWS

Amazon EKS Auto Mode vs Azure AKS Automatic: The Better Managed Kubernetes Solution?

Reading Time: 4 minutesAlright, I’ll admit it, I’m a bit biased towards Azure AKS. It’s hard not to be, given the depth of automation and integration it offers. But that doesn’t mean I can’t appreciate a solid effort Read more…

AKS

AKS Preview Feature: Optimizing Upgrades with Undrainable Node Behavior

Reading Time: 3 minutesAzure Kubernetes Service (AKS) has just released a new preview feature called Optimize for undrainable node behavior, designed to make the upgrade process smoother. This feature lets you control how upgrades handle nodes that can’t Read more…