Skip to main content

Get Alert

Get alert information by ID. One of the following permissions is required to run this action:

  • Alert.Read.All
  • Alert.ReadWrite.All
  • Alert.Read
  • Alert.ReadWrite
External Documentation

To learn more, visit the Microsoft Defender For Endpoints documentation.

Parameters

ParameterDescription
Alert IDYour alert ID, can be retrieved from the 'List Alerts' action.

Workflow Library Example

Get Alert with Microsoft Defender for Endpoints and Send Results Via Email

Workflow LibraryPreview this Workflow on desktop