Get Alert
Get alert information by ID.
The following permissions are required to run this action:
Alert.Read.AllAlert.ReadWrite.All
External Documentation
To learn more, visit the Microsoft Defender For Endpoints documentation.
Parameters
| Parameter | Description |
|---|---|
| Alert ID | Your alert ID, can be retrieved from the 'List Alerts' action. |
Workflow Library Example
Get Alert with Microsoft Defender for Endpoints and Send Results Via Email
Preview this Workflow on desktop