Finding new alerts in log investigations | Azure log analytics | KQL language | Azure Sentinel
April 1, 2022, 6:41 p.m. | /u/Agent_B99
cybersecurity www.reddit.com
I was doing some investigations in Azure Log Analytics, and when I searched for more info on one alert I discovered more alerts that were not on the Incidents page of Azure Sentinel.
The alert type was "Unknown" or "Silent" but the Severity was High.
Is this because of the Analytic rules?
What can you find during a log investigation that an Analytic rule can miss?
Thanks