Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community

Cannot select a category when creating a custom detection rule

Copper Contributor

Hi,

 

I am attempting to create a custom detection rule.

The query logic works, and includes Timestamp and ReportId.

 

However when I click Create detection rule from the Advanced hunting view of my query, and attempt to fill in the Alert details form, I click the Select Category drop-down and no results appear. Being unable to select a Category is preventing me from creating any rules.

 

I have the Security Administrator role (as well as Global Administrator), and I have ensured a fresh sign-in.

 

I can reproduce the issue with MS Edge and Chrome (latest versions in both cases).

 

Where are the Categories selected from?; how do I get past this issue?

 

TIA

0 Replies