The enumerated resources are missing due to a missing audit configuration.


There was a suspected brute force attack and under important information it says "The enumerated resources are missing due to a missing audit configuration."

 

How can I see more information as to what this is referring to? What are the resources and what audit configuration is missing? All of the audit policies are enabled on the domain controllers.

 

Thanks!

1 Reply

A little more context: the brute force happened on an internet-exposed RDP server. The RDP server is configured to use Azure MFA with the NPS extension. The NPS server is configured to forward events to the MDI sensors. VPN RADIUS auditing via this NPS server appears to be working, but RDP RADIUS auditing does not; external IPs of attempted logins to the RDP server are not appearing in MDI logs… should they?