Forum Discussion
Daily "Network Port Sweep detected on port x" but no Source IP
For a couple of months we have been getting "Network Port Sweep was detection by multiple IPs" with ports 135 and 445 mostly. The KQL attached lists a load of Destination IPs but no Source IP (see ex...
Clive_Watson Hi, there’s no source IP. The query running is one built into Sentinel.
I shall try running your query. Thanks for the feedback.
Hey MarcusBoyce, just wondering if you were able to solve this? I have the same issue.