在 Azure 安全中心提供安全联系人详细信息Provide security contact details in Azure Security Center

Azure 安全中心建议对 Azure 订阅提供安全联系人的详细信息(如果尚未提供)。Azure Security Center will recommend that you provide security contact details for your Azure subscription if you haven't already. 如果 Microsoft 安全响应中心 (MSRC) 发现用户的客户数据被某方非法访问或未经授权访问,Microsoft 会使用该信息联系用户。This information will be used by Microsoft to contact you if the Microsoft Security Response Center (MSRC) discovers that your customer data has been accessed by an unlawful or unauthorized party. MSRC 会执行 Azure 网络和基础结构的选择安全监视,并接收来自第三方的威胁情报和恶意投诉。MSRC performs select security monitoring of the Azure network and infrastructure and receives threat intelligence and abuse complaints from third parties.

每日第一个警报发生时会发送电子邮件通知(仅对于高严重级别的警报)。An email notification is sent on the first daily occurrence of an alert and only for high severity alerts. 只能对订阅策略配置电子邮件首选项。Email preferences can only be configured for subscription policies. 订阅内的资源组将继承这些设置。Resource groups within a subscription will inherit these settings. 警报仅在 Azure 安全中心的标准层中提供。Alerts are available only in the Standard tier of Azure Security Center.

将会发送警报电子邮件通知:Alert email notifications are sent:

  • 每天每种警报类型发送给一个电子邮件收件人To a single email recipient per alert type per day
  • 一天之内发送给一个收件人的电子邮件不得超过 3 封No more than 3 email messages are sent to a single recipient in a single day
  • 每封电子邮件都包含一个警报,而不是警报的聚合Each email message contains a single alert, not an aggregation of alerts
  • 仅适用于高严重性警报Only for high severity alerts

例如,如果已发送电子邮件消息提醒你有关 RDP 攻击的信息,则即使有其他警报触发,你也不会在同一天收到有关 RDP 攻击的其他电子邮件。For example, if an email message was already sent to alert you about an RDP attack, you will not receive another email message about an RDP attack on the same day, even if another alert is triggered.

重要

本文档将使用示例部署介绍该服务。This document introduces the service by using an example deployment. 这并非一份循序渐进的指南。This is not a step-by-step guide.

为警报设置电子邮件通知 Set up email notifications for alerts

  1. 作为具有“安全管理员”或“订阅所有者”角色的用户,打开“电子邮件通知”页:As a user with the role Security Admin or Subscription Owner, open the Email notifications page:

    • 对于警报,请打开“定价 & 设置”,选择相关订阅,并选择“电子邮件通知” 。For alerts, open Pricing & settings, select the relevant subscription, and select Email notifications.

    • 如果要实施建议,请在“建议”下选择“提供安全联系人详细信息”,选择要在其上提供联系人信息的 Azure 订阅 。If you are implementing a recommendation, then Under Recommendations, select Provide security contact details, select the Azure subscription to provide contact information on. 这将打开“电子邮件通知”。This opens Email notifications.

    提供安全联系人详细信息

  2. 输入安全联系人的电子邮件地址或地址,用逗号隔开。Enter the security contact email address or addresses separated by commas. 可输入的电子邮件地址数量无限制。There is no limit to the number of email addresses that you can enter.

  3. 若要接收有关于高严重级别警报的电子邮件,请打开选项“通过电子邮件向我发送警报”。To receive emails about high severity alerts, turn on the option Send me emails about alerts.

  4. 你可以向订阅所有者发送电子邮件通知(经典服务管理员和协同管理员,以及订阅范围内的 RBAC 所有者角色)。You can send email notifications to subscription owners (classic Service Administrator and Co-Administrators, plus RBAC Owner role at the subscription scope).

  5. 若要将安全联系人信息应用到订阅,请选择“保存”。To apply the security contact information to your subscription, select Save.

另请参阅See also

若要了解有关安全中心的详细信息,请参阅以下文章:To learn more about Security Center, see the following: