Forum Discussion
GaryBushey
Dec 11, 2020Bronze Contributor
Azure Sentinel incidents without any events
I have noticed a couple of incidents generated from Azure Sentinel analytic rules that do not have any events associated with them (it states N/A under the Events column when viewing the full details). I also notice that the alert ID doesn't seem to exist. This appears to have started around 1:40AM EST today (11 Dec 2020) and the latest I have noticed this happening is 7:26AM EST today.
Anyone else noticing this?
- lazylionCopper ContributorI am also facing same issue with one of my use case, where incident is triggering with zero events in it.
Any solution? - GaryBusheyBronze ContributorThis has resolved itself. Going to be an issue if this keeps happening.