Skip to content

Added 2 examples #3907

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
Sep 4, 2019
Merged

Added 2 examples #3907

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
a016e26
Added 2 examples
get-itips Aug 29, 2019
5825c28
Update Set-ProtectionAlert.md
chrisda Sep 3, 2019
604fabd
Merge branch 'master' into patch-76
chrisda Sep 4, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
36 changes: 25 additions & 11 deletions exchange/exchange-ps/exchange/policy-and-compliance/Set-ProtectionAlert.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,22 +18,35 @@ Use the Set-ProtectionAlert cmdlet to modify alert policies in the Security & Co

For information about the parameter sets in the Syntax section below, see Exchange cmdlet syntax (https://technet.microsoft.com/library/bb123552.aspx).


> [!NOTE]
> You cannot use this cmdlet to edit default alert policies. You can only modify alerts you have created using New-ProtectionAlert cmdlet.

## SYNTAX

```
Set-ProtectionAlert [-Identity] <ComplianceRuleIdParameter>
[-AggregationType <None | SimpleAggregation | AnomalousAggregation>] [-AlertBy <MultiValuedProperty>]
[-AggregationType <None | SimpleAggregation | AnomalousAggregation>]
[-AlertBy <MultiValuedProperty>]
[-AlertFor <MultiValuedProperty>]
[-Category <None | DataLossPrevention | ThreatManagement | DataGovernance | AccessGovernance | Others>]
[-Comment <String>] [-Confirm] [-Description <String>] [-Disabled <$true | $false>] [-Filter <String>]
[-Name <String>] [-NotificationCulture <CultureInfo>] [-NotifyUser <MultiValuedProperty>]
[-NotifyUserOnFilterMatch <$true | $false>] [-NotifyUserSuppressionExpiryDate <DateTime>]
[-NotifyUserThrottleThreshold <Int32>] [-NotifyUserThrottleWindow <Int32>] [-Operation <MultiValuedProperty>]
[-Severity <Low | Medium | High | None>] [-Threshold <Int32>] [-TimeWindow <Int32>] [-WhatIf]
[<CommonParameters>]
[-Comment <String>]
[-Confirm]
[-Description <String>]
[-Disabled <$true | $false>]
[-Filter <String>]
[-Name <String>]
[-NotificationCulture <CultureInfo>]
[-NotifyUser <MultiValuedProperty>]
[-NotifyUserOnFilterMatch <$true | $false>]
[-NotifyUserSuppressionExpiryDate <DateTime>]
[-NotifyUserThrottleThreshold <Int32>]
[-NotifyUserThrottleWindow <Int32>]
[-Operation <MultiValuedProperty>]
[-Severity <Low | Medium | High | None>]
[-Threshold <Int32>]
[-TimeWindow <Int32>]
[-WhatIf] [<CommonParameters>]
```

## DESCRIPTION
Expand All @@ -43,17 +56,18 @@ You need to be assigned permissions in the Office 365 Security & Compliance Cent

### -------------------------- Example 1 --------------------------
```
Insert example commands for example 1.
Set-ProtectionAlert -Identity "Content search deleted" -Severity High
```

Insert descriptive text for example 1.
This example sets the Severity of the detection to High.

### -------------------------- Example 2 --------------------------
```
Insert example commands for example 2.
Set-ProtectionAlert -Identity "Content search deleted" -NotifyUserOnFilterMatch:$true -AggregationType SimpleAggregation -Threshold 10 -TimeWindow 120
```

Insert descriptive text for example 2.
This example modifies an alert so that even though it's configured for aggregated activity, a notification is triggered during a match for the activity. A threshold of 10 detections and a TimeWindow of two hours are also configured in the same command.


## PARAMETERS

Expand Down