Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community

Time delay for messages in Sentinel

Copper Contributor

We have set up the connector to MDATP.
Messages that are displayed there take a long time until the info is displayed in Sentinel.
How do we get the information displayed in Sentinel in real time?
Such a long delay is not very nice from a security point of view.

 

2020-10-26_08h57_49.png2020-10-26_09h25_44.png

3 Replies
Kann denn wirklich niemand sagen warum die Anzeige so sehr verzögert im Sentinel ankommt?

@Jan_F1801 I share your concern. If the delays are too large, we're better off using email alerts straight from the log source (WDATP, MCAS, ASC ...). 
Don't know if 'the silent majority' feels this is a problem too or if we are the only two :)

I have the same delay... Unfortunately this is nothing you can do