cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Security Alerts gets delayed

%3CLINGO-SUB%20id%3D%22lingo-sub-174113%22%20slang%3D%22en-US%22%3ERe%3A%20Security%20Alerts%20gets%20delayed%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-174113%22%20slang%3D%22en-US%22%3E%3CP%3EUnfortunately%20no%20at%20Security%20%26amp%3B%20Compliance%20Center.%20We%20go%20with%20a%20connection%20to%20Operations%20Management%20Suite%2C%20which%20has%20a%20pack%20for%20Office%20365.%20With%20that%20alerts%20on%20the%26nbsp%3Bactivities%26nbsp%3Bare%20almost%20instant.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-173731%22%20slang%3D%22en-US%22%3ERe%3A%20Security%20Alerts%20gets%20delayed%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-173731%22%20slang%3D%22en-US%22%3E%3CP%3EDid%20you%20ever%20get%20a%20solution%20to%20this%3F%20I%20have%20alerts%20configured%20just%20for%20admin%20changes%20and%20it%20sometimes%20takes%2024hrs%20for%20the%20alert%20to%20come%20through.%20Obviously%20if%20something%20bad%20was%20happening%20in%20the%20system%2C%20I'd%20have%20missed%20it...!%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-147972%22%20slang%3D%22en-US%22%3ERe%3A%20Security%20Alerts%20gets%20delayed%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-147972%22%20slang%3D%22en-US%22%3EI%20mean%20both.%20Both%20delays%20are%20understandable.%20But%20for%20example%20today%20we%20receive%20an%20e-mail%20alert%20to%20the%20activity%20which%20is%2022%20days%20old.%20This%20is%20too%20much.%20I%20have%20currently%20opened%20the%20case%20for%20it%20but%20without%20any%20meaningful%20progress.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-147943%22%20slang%3D%22en-US%22%3ERe%3A%20Security%20Alerts%20gets%20delayed%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-147943%22%20slang%3D%22en-US%22%3E%3CP%3EYou%20mean%20the%20email%20notifications%2C%20or%20the%20actual%20events%20in%20the%20SCC%20Audit%20log%20section%3F%20In%20general%2C%20there%20is%20some%20delay%20with%20generating%20both%2C%20audit%20log%20entries%20can%20sometimes%20appear%20after%20a%20day%20or%20more%2C%20depending%20on%20the%20event%20type...%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-147872%22%20slang%3D%22es-ES%22%3ESecurity%20Alerts%20gets%20delayed%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-147872%22%20slang%3D%22es-ES%22%3E%3CP%3EWe%20have%20set%20up%20security%20alerts%20in%20Office%20365%20for%20some%20events%20like%20privilege%20escalations.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EThe%20notification%20coming.%20But%20from%20December%20they%20get%20delayed.%20Sometimes%20hours%2C%20sometimes%20days%2C%20but%20now%20we%20receive%20events%20even%20after%20more%20than%2010%20days%20of%20the%20time%20when%20activity%20occurs.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EDoes%20someone%20sees%20the%20same%3F%20The%20notifications%20on%20CAS%20are%20triggered%20correctly%20in%20time.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-147872%22%20slang%3D%22es-ES%22%3E%3CLINGO-LABEL%3EAdvanced%20Security%20Management%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EMicrosoft%20Office%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3Esecurity%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Petr Vlk
MVP

‎01-23-2018 07:58 AM - last edited on ‎12-09-2020 04:31 AM by

‎01-23-2018 07:58 AM - last edited on ‎12-09-2020 04:31 AM by

Security Alerts gets delayed

We have set up security alerts in Office 365 for some events like privilege escalations.

 

The notification coming. But from December they get delayed. Sometimes hours, sometimes days, but now we receive events even after more than 10 days of the time when activity occurs.

 

Does someone sees the same? The notifications on CAS are triggered correctly in time.

1,815 Views
0 Likes
4 Replies
Reply
4 Replies
Vasil Michev

‎01-23-2018 10:15 AM

‎01-23-2018 10:15 AM

Re: Security Alerts gets delayed

You mean the email notifications, or the actual events in the SCC Audit log section? In general, there is some delay with generating both, audit log entries can sometimes appear after a day or more, depending on the event type...

0 Likes
Reply
Petr Vlk

‎01-23-2018 11:05 AM

‎01-23-2018 11:05 AM

Re: Security Alerts gets delayed

I mean both. Both delays are understandable. But for example today we receive an e-mail alert to the activity which is 22 days old. This is too much. I have currently opened the case for it but without any meaningful progress.
0 Likes
Reply
David Malcolm

‎03-20-2018 10:50 AM

‎03-20-2018 10:50 AM

Re: Security Alerts gets delayed

Did you ever get a solution to this? I have alerts configured just for admin changes and it sometimes takes 24hrs for the alert to come through. Obviously if something bad was happening in the system, I'd have missed it...!

0 Likes
Reply
Petr Vlk

‎03-21-2018 08:24 AM

‎03-21-2018 08:24 AM

Re: Security Alerts gets delayed

Unfortunately no at Security & Compliance Center. We go with a connection to Operations Management Suite, which has a pack for Office 365. With that alerts on the activities are almost instant.

0 Likes
Reply