User Profile
JILIN_RAJU
Copper Contributor
Joined 5 years ago
User Widgets
Recent Discussions
Microsoft.Tri.Sensor.Updater-Errors
Solution, please 2023-10-27 10:38:20.7211 Error ServiceControllerExtension ChangeServiceStatus failed to change service status [name=AATPSensor status=Running Exception=System.InvalidOperationException: Cannot start service AATPSensor on computer '.'. ---> System.ComponentModel.Win32Exception: The system cannot find the file specified --- End of inner exception stack trace --- at System.ServiceProcess.ServiceController.Start(String[] args) at Microsoft.Tri.Infrastructure.ServiceControllerExtension.ChangeServiceStatus(String name, ServiceControllerStatus status, TimeSpan timeout, Nullable`1 awaitedStatus)] 2023-10-27 10:43:20.8047 Error ServiceControllerExtension ChangeServiceStatus failed to change service status [name=AATPSensor status=Running Exception=System.InvalidOperationException: Cannot start service AATPSensor on computer '.'. ---> System.ComponentModel.Win32Exception: The system cannot find the file specified --- End of inner exception stack trace --- at System.ServiceProcess.ServiceController.Start(String[] args) at Microsoft.Tri.Infrastructure.ServiceControllerExtension.ChangeServiceStatus(String name, ServiceControllerStatus status, TimeSpan timeout, Nullable`1 awaitedStatus)]3.8KViews0likes4CommentsMicrosoft.Tri.Sensor-Error - Defender Indentitiy Standalone
Solution please 023-10-27 10:31:56.8553 Error DirectoryServicesDomainNetworkCredentialsManager Microsoft.Tri.Infrastructure.ExtendedException: DomainControllerDnsNames is empty or not configured at void Microsoft.Tri.Sensor.DirectoryServicesDomainNetworkCredentialsManager.UpdateConfigurations(ConfigurationCollection configurations) at Func<Task> Microsoft.Tri.Infrastructure.ActionExtension.ToAsyncFunction(Action action)+(TItem _) => { } at async Task Microsoft.Tri.Infrastructure.ConfigurationManager.RegisterConfigurationAsync(Func<ConfigurationCollection, Task> onConfigurationsUpdateAsync, Type[] configurationTypes) at void Microsoft.Tri.Infrastructure.TaskExtension.Await(Task task) at new Microsoft.Tri.Sensor.DirectoryServicesDomainNetworkCredentialsManager(IConfigurationManager configurationManager, IDomainTrustMappingManager domainTrustMapping, IMetricManager metricManager, ISensorSecretManager secretManager, IWorkspaceApplicationSensorApiJsonProxy workspaceApplicationSensorApi) at object lambda_method(Closure, object[]) at object Autofac.Core.Activators.Reflection.ConstructorParameterBinding.Instantiate() at void Microsoft.Tri.Infrastructure.ModuleManager.AddModules(Type[] moduleTypes) at new Microsoft.Tri.Sensor.SensorModuleManager() at ModuleManager Microsoft.Tri.Sensor.SensorService.CreateModuleManager() at async Task Microsoft.Tri.Infrastructure.Service.OnStartAsync() at void Microsoft.Tri.Infrastructure.TaskExtension.Await(Task task) at void Microsoft.Tri.Infrastructure.Service.OnStart(string[] args)1.1KViews0likes1CommentMicrosoft Defender for Identity standalone sensors
Hi Current scenario: we are forwarding domain control security logs to another server(windows machine) via the "https://learn.microsoft.com/en-us/defender-for-identity/configure-event-forwarding#wef-configuration-for-defender-for-identity-standalone-sensors-with-port-mirroring". We have logs in forwarded events ( event viewer). In future if am installing an identity sensor on a standalone method should I configure port mirroring and Directory services accounts? is that a mandatory configuration for the stand-alone sensor?Microsoft 365 defender alerts not capturing fields (entities) in azure sentinel
We got an alert from 365 defenders to azure sentinel ( A potentially malicious URL click was detected). To investigate this alert we have to check in the 365 defender portal. We noticed that entities are not capturing (user, host, IP). How can we resolve this issue? Note: This is not a custom rule.- 1.9KViews0likes0Comments
Recent Blog Articles
No content to show