I want to know the process name of the Alert "Distinct malicious IP addresses accessed", for do some protection.
If the process name is Outlook, I search related mail,
If the process name is Microsoft Edge, I search the url.
and I hope the url or host name of mailicious IP address.2 votes
Need log analytics to process alert rules faster. I am seeing 10-12 minutes lag for alert generation.1 vote
Thanks for sharing the feedback, we would like to better understand your scenario and behavior you are referring to. Are you seeing this for every alert you create ? or happening intermittently? Can you please explain more. Thanks
Is user experience trouble in sending mails? If this is the issue, then user is require to dig in configuration setting of gmail outgoing server. SMTP is Simple Mail Transfer Protocol which help in quick delivery of mails. If the mails are not send in proper manner then it may happen that gmail smtp not working.What to do to solve this situation? To avoid this situation user is required to adopt some potential guidelines which can fix the issue in minimal time. http://www.gmailsupportchat.com/article/gmail-email-smtp-and-server-setting-configuration-support1 vote
It would be nice to be able to search if anyone create specifically a dnat rule using azure firewall . At the momemt it is only possible to create a Activity Log Alert for "Creates or updates an Azure Firewall" event , however it’s not limited to NAT Rule Collection only but creates activity logs if it falls under below criteria and you can create an alert on top of it. it’s a broader alert for any activity within the Firewall resource1 vote
getting alerted that this site is a phish with a confidence level of 75% 18.104.22.168 but it reverses to sendgrid. Is there a link within oms to modify this behavior. I'm pretty sure its not a phish but I guess I could be getting fooled somehow. The thing that makes me go hmmm is why is this coming from a server that has nothing to do with sendgrid!
I'm looking for OMS query syntax (need to build a query that will pull software inventory by PC) and the link in the help file called Complete query syntax opens https://technet.microsoft.com/library/mt450427.aspx - We are sorry this page cannot be found
Any help would be appreciated1 vote
Connect your telemetry with Machine Learning and predictive environnement for detect typologies of events : configuration server, performance track, health events, audit gpo, sql events , audit, quality...1 vote
- Don't see your idea?