May 13 2022 07:01 AM
We got an alert from 365 defenders to azure sentinel ( A potentially malicious URL click was detected). To investigate this alert we have to check in the 365 defender portal.
We noticed that entities are not capturing (user, host, IP). How can we resolve this issue?
Note: This is not a custom rule.
May 23 2022 07:51 AM
Jul 26 2023 08:00 AM