Template analytics rule - PossibleAiTMPhishingAttemptAgainstAAD - has an error #8833
Comments
|
Thank you for submitting an Issue to the Azure Sentinel GitHub repo! You should expect an initial response to your Issue from the team within 5 business days. Note that this response may be delayed during holiday periods. For urgent, production-affecting issues please raise a support ticket via the Azure Portal. |
|
Thank you for submitting an Issue to the Azure Sentinel GitHub repo! You should expect an initial response to your Issue from the team within 5 business days. Note that this response may be delayed during holiday periods. For urgent, production-affecting issues please raise a support ticket via the Azure Portal. |
2 similar comments
|
Thank you for submitting an Issue to the Azure Sentinel GitHub repo! You should expect an initial response to your Issue from the team within 5 business days. Note that this response may be delayed during holiday periods. For urgent, production-affecting issues please raise a support ticket via the Azure Portal. |
|
Thank you for submitting an Issue to the Azure Sentinel GitHub repo! You should expect an initial response to your Issue from the team within 5 business days. Note that this response may be delayed during holiday periods. For urgent, production-affecting issues please raise a support ticket via the Azure Portal. |
|
Hi @Celine-REN, thanks for flagging this, we will soon provide an update on this. |
|
Hello @v-rbajaj, Anticipating your updates eagerly! Thank you! |
|
Hi @Celine-REN, Thanks for flagging, I can see this analytical rule has been modified recently in our 3.0.0 version of the solution which is currently live as well, can you please let me know if you are using the latest version of the solution? |
|
Hi @Celine-REN, can you please provide an update on this? |
|
Since we have not received a response in the last 5 days, we are closing your issue #8833 as per our standard operating procedures. If you still need support for this issue, feel free to re-open at any time. Thank you for your co-operation. |
Bug Description
Upon attempting to enable the "Possible AiTM Phishing Attempt Against Azure AD" analytics rule within the "Security Threat Essentials" solution from the Content hub, an error is encountered. This occurs despite having ingested Sign-In logs in the Sentinel workspace. The query consistently triggers the following error message:
"Some aspects of the query had errors, resulting in incomplete results. Should the issue persist, we recommend opening a support ticket. Request ID: 182d8822-3279-4c3e-b001-112a4a4573ec."
Steps to Reproduce
Expected Behavior
The query should execute without errors.
Screenshots
Additional Context
This issue is reproducible across all of our Sentinel workspaces.
The text was updated successfully, but these errors were encountered: