Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community

Cannot select a category when creating a custom detection rule

Copper Contributor



I am attempting to create a custom detection rule.

The query logic works, and includes Timestamp and ReportId.


However when I click Create detection rule from the Advanced hunting view of my query, and attempt to fill in the Alert details form, I click the Select Category drop-down and no results appear. Being unable to select a Category is preventing me from creating any rules.


I have the Security Administrator role (as well as Global Administrator), and I have ensured a fresh sign-in.


I can reproduce the issue with MS Edge and Chrome (latest versions in both cases).


Where are the Categories selected from?; how do I get past this issue?



0 Replies