In this blog post, we will learn how to create security alerts in Microsoft 365 that will notify us in case a security incident is happening or about to happen.
A few days ago, we learned about the security tools and portals in Microsoft 365, and today we will use the Microsoft 365 Security Center.
Create a Security Alert
Let’s start with creating a security alert in Microsoft 365. To do so open the Security Center using the following URL:
https://security.microsoft.com/homepage
From the security portal left navigation menu click on Policies and Office 365 alerts as shown below.
By default, Microsoft has created a set of policies that are enabled and working out of the box. With the default configuration, an alert will be sent to all the tenant administrators users.
Create a custom alert
To create a new alert, click on New alert policy as shown below and fill in the Name, Severity and Category and click Next.
In the Create alert settings page, use the drop-down box to select the activity, the alert will be based on. Scroll down to see the entire list of available activities.
For example, I will use the activity of Create mail forward / redirect which will send me an alert every time a mail forwarding rule is created to.
To complete the wizard, enter the email address of the person who should receive the alert and click and click finish.