Comments (5)
No one?
from azure-sentinel.
Hi @mbell85 ,
SrcIpAddrs coming as null means that the source did not provide SrcIp in the log. It is worth checking the raw log to verify whether the SrcIp is coming from the source or not. What is the source of networksession logs in your environment?
If the source is not providing SrcIp details, it is worth checking why no source details are being logged for network failures.
@mbell85, hope you're doing well. Did you get a chance to check on the shared suggestion? Thanks!
@mbell85 I'm closing this issue for now since you are validating our suggestion. If you get different findings and need further help, please re-open the issue.
CC: @v-sudkharat