Alert processing rules fields update
Published date: May 11, 2023
Alert processing rules are a set of rules that allow for modifications to be made to fired alerts, distinct from alert rules which generate new alerts. With alert processing rules, you can add or remove action groups from your fired alerts. A bug fix will be implemented in the alert processing rule filters, which will match alert context fields exclusively with Common Schema fields. If you are using filters that rely on fields outside of the Common Schema, you will need to adjust your processing rule to use only Common Schema fields. If you require assistance with this adjustment, please open a support ticket or contact noga.lavi@microsoft.com for further assistance. This fix will be implemented by the last week of July