Resolved -
Today at 11:16 CEST, an unexpected surge in alerts occurred; it has since been resolved. The surge was linked to a recent update in the Microsoft 365 Defender format, which relocated certain process information to process.parent for AdvancedHunting-DeviceEvents and AdvancedHunting-DeviceProcessEvents.
Resolution Summary:
- The Microsoft Defender for Endpoint integration was reverted to its previous version to stop potentially false positive alerts.
- We are addressing and dismissing non-relevant alerts that were raised.
Thank you for your understanding and patience. The incident is now fully resolved.
Oct 9, 11:30 CEST
Resolved -
This incident has been resolved.
Oct 7, 21:28 CEST
Monitoring -
We encountered an issue with some nodes in our storage cluster, which caused some delay in event storage. We resolved the situation, and the delay is currently being handled.
Oct 7, 17:55 CEST