Jun 24 2022 03:02 AM
Hi
The documentation for the alert “Suspected suspicious Kerberos ticket request on one endpoint” with
UniqueExternalId 2418 seems to be missing.
The alert references https://aka.ms/suspiciouskerberosticketrequest, which leads to the Bing search engine page.
Nothing here either:
https://docs.microsoft.com/en-us/defender-for-identity/suspicious-activity-guide
Is there any further documentation available or planned?
Thanks
Jul 08 2022 03:24 AM - edited Jul 08 2022 03:25 AM
@Eli Ofekany comments perhaps? I see the aka.ms shortcut has been fixed but now just points to the second link noted above, which still does not contain any further detail.
Jul 11 2022 07:51 AM
Sep 15 2022 01:32 AM
Sep 15 2022 01:43 AM
Jan 04 2023 06:49 AM