I have received a message mentioning Suspicious communication over DNS in my ATP. Why I am getting this error? While checking the activity different host name which does not belong to my organization is displayed. How to analyze this issue?
@Reninraj , export the alert to excel, you will get more details about those source machines.
And see this guide for more details: