Get Alert

Get alert information by ID.

The following permissions are required to run this action:

Alert.Read.All
Alert.ReadWrite.All

External Documentation

To learn more, visit the Microsoft Defender For Endpoints documentation.

Parameters

Parameter	Description
Alert ID	Your alert ID, can be retrieved from the ‘List Alerts’ action.

Workflow Library Example

Get Alert with Microsoft Defender for Endpoints and Send Results Via Email

Preview this Workflow on desktop

On this page

Parameters
Workflow Library Example

Get alert information by ID.

The following permissions are required to run this action:

Alert.Read.All
Alert.ReadWrite.All

External Documentation

To learn more, visit the Microsoft Defender For Endpoints documentation.

Parameters

Parameter	Description
Alert ID	Your alert ID, can be retrieved from the ‘List Alerts’ action.

Workflow Library Example

Get Alert with Microsoft Defender for Endpoints and Send Results Via Email

Preview this Workflow on desktop

On this page

Parameters
Workflow Library Example

Parameters

Workflow Library Example

Case Management

Automated Case Management

Case Management Dashboard

Case Management Interface

Triggers & Actions

Case Management Settings

Get Alert

Parameters

Workflow Library Example

​Parameters

​Workflow Library Example

Case Management

Automated Case Management

Case Management Dashboard

Case Management Interface

Triggers & Actions

Case Management Settings

​Parameters

​Workflow Library Example

Parameters

Workflow Library Example

Parameters

Workflow Library Example