Defender for Identity sensor high severity alert

Cloud0009 · ‎Sep 28 2022

MDI sensor is generating a high severity alert stating "

A health issue occurred

Sensor received more windows events than they can process resulting in some events not being analyzed

While I checked MS docs for the possible cause I got this: "Verify that only required events are forwarded to the Defender for Identity sensor or try to forward some of the events to another Defender for Identity sensor" But I am not able find a way to verify this.

If anyone has faced similar issue I wanted to know the possible solutions for the same.

Thanks in advance

Eli Ofek · ‎Sep 29 2022

@Cloud0009 Usually the problem will be lack of resources, or high percentage of NNR failure that slows the sensor down too much.
Please make sure you have ran the sizing tool, and the machine is up to spec.

If it looks OK, please contact support as they will need much more data to know exactly what happened.

Products (50)

Special Topics (27)

Video Hub (462)

Most Active Hubs

Most Active Hubs

Video Hub

Defender for Identity sensor high severity alert

Defender for Identity sensor high severity alert

A health issue occurred

Re: Defender for Identity sensor high severity alert