Forum Discussion
Inaccurate TimeGenerated value in CommonSecurityLog
Hi, I'm facing a weird issue where TimeGenerated value is inaccurate when we use the query condition | where TimeGenerated >= ago() See here: As you can see above, the time is in future t...
Hey ahhann
Check out this link https://learn.microsoft.com/en-us/azure/sentinel/connect-common-event-format#:~:text=Changing%20the%20source%20of%20the%20TimeGenerated%20field
Sounds like something has happened on the Log forwarder, this should correct the issue
BillClarksonAntill We using AMA. The link you posted was for legacy LAA.
Any way issue was resolved after the Log Relay Server where the AMA was installed is rotated and started fresh without any localtime under UTC.
