Final Update: Wednesday, 09 September 2020 17:18 UTC
We've confirmed that all systems are back to normal with no customer impact as of 09/09,16:53 UTC. Our logs show the incident started on 09/06, 07:00 UTC and that during the 3 days, 9 hours and 53 minutes that it took to resolve the issue small set of customers using Azure Sentinel and Log Search Alert may have experienced failures in running alert rules which caused alerts to not be published to the workspace. Azure Sentinel retries failed queries, so most of the queries should eventually succeed.
-Jayadev
We've confirmed that all systems are back to normal with no customer impact as of 09/09,16:53 UTC. Our logs show the incident started on 09/06, 07:00 UTC and that during the 3 days, 9 hours and 53 minutes that it took to resolve the issue small set of customers using Azure Sentinel and Log Search Alert may have experienced failures in running alert rules which caused alerts to not be published to the workspace. Azure Sentinel retries failed queries, so most of the queries should eventually succeed.
- Root Cause: The failure was due to dependency on one of the backend services.
- Incident Timeline: 3 Days, 9 Hours & 53 minutes - 09/06, 07:00 UTC through 09/09, 16:53 UTC
-Jayadev
Initial Update: Wednesday, 09 September 2020 15:55 UTC
We are aware of issues within Azure Sentinel Service and are actively investigating. Some customers may see the alert rules failing and will hence may not able to publish the alert to the workspace.
-Mohini
We are aware of issues within Azure Sentinel Service and are actively investigating. Some customers may see the alert rules failing and will hence may not able to publish the alert to the workspace.
- Work Around: None
- Next Update: Before 09/09 20:00 UTC
-Mohini
Updated Sep 09, 2020
Version 2.0