Forum Discussion

Lance_Peterson's avatar
Lance_Peterson
Copper Contributor
Apr 09, 2020

SecurityInsights > SecurityAlert table no longer updating

Hi all, we noted starting last night that our SecurityAlert table in SecurityInsights was no longer being updated.  Is there a way to force an update/refresh of the data?  Maybe disconnect and reconnect the various connectors, or maybe remove and than add back the Analytics Rules for the various MS alert feeds?

 

Thanks,

Lance

2 Replies

Sort By
  • Lance_Peterson's avatar
    Lance_Peterson
    Copper Contributor
    Apr 09, 2020

    Also noting that entity mapping fields are missing in new Incidents added to Sentinel since the issue started occurring.  Possible issue with the default Microsoft Security (Preview), Analytics Rule Types?

    • Lance_Peterson's avatar
      Lance_Peterson
      Copper Contributor
      Apr 09, 2020

      We are also noting that after a Incident is added to Sentinel we are seeing the following message under Evidence & Entities for an extended time. "Preparing investigation data for this incident. Please try again in a few minutes."

       

      Curious, is anyone else seeing this?

       

      Lance

Resources