Logs were not collected from a data source for an abnormally long time

Cortex XDR Analytics Alert Reference by Alert name

Product

Cortex XDR

Last date published

2025-11-09

Synopsis

Activation Period	14 Days
Training Period	30 Days
Test Period	1 Day
Deduplication Period	6 Hours
Required Data	Requires: Health Monitoring Data
Detection Modules
Detector Tags
ATT&CK Tactic	Impact (TA0040)
ATT&CK Technique	Network Denial of Service (T1498) Service Stop (T1489)
Severity	Low

Description

Logs were not collected from a data source for an abnormally long time.

Attacker's Goals

N/A.

Investigative actions

N/A.

Variations

Logs were not collected from a Windows Event Collector (WEC) for an abnormally long time

Synopsis

ATT&CK Tactic

Impact (TA0040)

ATT&CK Technique

Severity

Low

Description

Logs were not collected from a data source for an abnormally long time.

Attacker's Goals

N/A.

Investigative actions

N/A.

Logs were not collected from a Microsoft Windows XDR Collector (XDRC) for an abnormally long time

Synopsis

ATT&CK Tactic

Impact (TA0040)

ATT&CK Technique

Severity

Low

Description

Logs were not collected from a data source for an abnormally long time.

Attacker's Goals

N/A.

Investigative actions

N/A.

Logs were not collected from a data source for an abnormally long time, which indicates a significant stop

Synopsis

ATT&CK Tactic

Impact (TA0040)

ATT&CK Technique

Severity

Medium

Description

Logs were not collected from a data source for an abnormally long time.

Attacker's Goals

N/A.

Investigative actions

N/A.

Logs were not collected from a data source for an abnormally long time, despite a stable and consistent data stream until recently

Synopsis

ATT&CK Tactic

Impact (TA0040)

ATT&CK Technique

Severity

Medium

Description

Logs were not collected from a data source for an abnormally long time.

Attacker's Goals

N/A.

Investigative actions

N/A.