Mar 31 2020 03:14 PM - edited Apr 01 2020 07:08 AM
For some odd reason the results that I am getting from the Graph Security API the past two days are inaccurate and I can't for the life of me figure out why.
If I query https://graph.microsoft.com/v1.0/security/alerts I am returned 7 old alerts without any obvious relationship, rhyme, or reason for populating my results. These are not the 7 most recent, and we have had more than 7 alerts.
For example, when attempting to append $filter=vendorInformation/provider eq 'Microsoft Defender ATP' I receive:
Apr 01 2020 10:01 AM
Solution: @kylemiller061, our MDATP team has found and fixed the issue, so it should now work as expected. The issue wasn't related to the service health. Thank you for your feedback.