Active Alerts

View and manage all currently active alerts across your Microsoft 365 environment. Active alerts require attention and may indicate ongoing issues or security threats.

Overview

The Active Alerts view displays all unresolved alerts from service health monitoring, security detections, compliance violations, and custom threshold alerts. Alerts are prioritized by severity to help you focus on the most critical issues first.

Alert Columns

Alert Severity Levels

• Critical — Service outage or active security breach requiring immediate action
• High — Significant degradation or high-severity security event
• Medium — Partial service impact or moderate security concern
• Low — Minor issues that should be monitored
• Informational — Advisory notices and planned maintenance

Alert Categories

• Service Health — Microsoft 365 service outages and degradation
• Security — Threat detections, suspicious activity, policy violations
• Compliance — Compliance policy failures, data governance issues
• Sync — Tenant synchronization failures or delays
• Custom — User-defined threshold and condition alerts

Alert Actions

1. Acknowledge — Mark that you are aware of and investigating the alert
2. Assign — Route the alert to a specific technician
3. Escalate — Raise the severity or forward to senior staff
4. Resolve — Close the alert after the issue is addressed
5. Suppress — Temporarily silence similar alerts during maintenance

Filters

• Severity — Critical, High, Medium, Low, Informational
• Category — Service Health, Security, Compliance, Custom
• Tenant — Filter by affected tenant
• Status — New, Acknowledged, In Progress
• Assigned To — Filter by assigned technician

API Reference

• GET /api/monitoring/alerts/active — Get all active alerts
• PUT /api/monitoring/alerts/{id}/acknowledge — Acknowledge an alert
• PUT /api/monitoring/alerts/{id}/resolve — Resolve an alert
• POST /api/monitoring/alerts/{id}/assign — Assign alert to technician