Forum Discussion
DLP Alerts
Hi Has anyone noticed or aware of a backend change, that has altered the behaviour of 365 Defender behaviour towards DLP policy breaches? We use DLP and whilst alerts will trigger, only rarely was it triggered all the way through to Sentinel. Now we've got Sentinel going bananas over incidents which it didn't seem to care about before. I figure either "someone" has altered a setting or there's an infrastructure change. There were changes in the interface last week as we had "Take a tour, see what's new" dialogue. Obvs, I've asked the right people internally if anyone has made any changes (which resulted in a resounding "NO!".
Somethings' changed somewhere....
- I believe in February they did an update to the connector and more alerts flow now.
https://docs.microsoft.com/en-us/azure/sentinel/whats-new?msclkid=e345823ed06a11ec9f46c9fdfec6cf1e#view-microsoft-purview-data-in-microsoft-sentinel-public-preview
- I believe in February they did an update to the connector and more alerts flow now.
https://docs.microsoft.com/en-us/azure/sentinel/whats-new?msclkid=e345823ed06a11ec9f46c9fdfec6cf1e#view-microsoft-purview-data-in-microsoft-sentinel-public-preview- Hey Doug, thanks for your response. Yes, we had it followed up with MS and the connector now spews EVERYTHING!!! Apparently it's an "all or nothing"
