Logs were not collected from a data source for an abnormally long time

Cortex XDR Analytics Alert Reference by Alert name

Product: Cortex XDR
Last date published: 2024-12-03
Category: Analytics Alert Reference
Order: Alert name

Synopsis

Activation Period: 14 Days
Training Period: 30 Days
Test Period: 1 Day
Deduplication Period: 6 Hours
Required Data:
  • Requires:
    • Health Monitoring Data
Detection Modules:
Detector Tags:
ATT&CK Tactic: Credential Access (TA0006)
ATT&CK Technique: Brute Force: Password Spraying (T1110.003)
Severity: Low

Description

Logs were not collected from a data source for an abnormally long time.

Attacker's Goals

N/A.

Investigative actions

N/A.