Azure Sentinel incidents without any events

%3CLINGO-SUB%20id%3D%22lingo-sub-1979444%22%20slang%3D%22en-US%22%3EAzure%20Sentinel%20incidents%20without%20any%20events%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1979444%22%20slang%3D%22en-US%22%3E%3CP%3EI%20have%20noticed%20a%20couple%20of%20incidents%20generated%20from%20Azure%20Sentinel%20analytic%20rules%20that%20do%20not%20have%20any%20events%20associated%20with%20them%20(it%20states%20N%2FA%20under%20the%20Events%20column%20when%20viewing%20the%20full%20details).%26nbsp%3B%20I%20also%20notice%20that%20the%20alert%20ID%20doesn't%20seem%20to%20exist.%26nbsp%3B%20%26nbsp%3BThis%20appears%20to%20have%20started%20around%201%3A40AM%20EST%20today%20(11%20Dec%202020)%20and%20the%20latest%20I%20have%20noticed%20this%20happening%20is%207%3A26AM%20EST%20today.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAnyone%20else%20noticing%20this%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E
Valued Contributor

I have noticed a couple of incidents generated from Azure Sentinel analytic rules that do not have any events associated with them (it states N/A under the Events column when viewing the full details).  I also notice that the alert ID doesn't seem to exist.   This appears to have started around 1:40AM EST today (11 Dec 2020) and the latest I have noticed this happening is 7:26AM EST today.

 

Anyone else noticing this?

1 Reply
This has resolved itself. Going to be an issue if this keeps happening.