Title: Some users may have encountered delays of up to four hours in Microsoft Defender for Cloud Apps
User impact: Users may have encountered delays of up to four hours in Microsoft Defender for Cloud Apps.
More info: Impact was specific to all activities generated by the Microsoft Defender for Cloud Apps service for Anomaly Threat Detection alerts and for some alerts and observations.
Final status: We’ve successfully cleared the accumulation of backlogged data and confirmed via monitoring service telemetry that impact has been remediated.
Scope of impact: Impact was specific to some users who were served through the affected infrastructure.
Start time: Tuesday, October 31, 2023, at 11:00 AM UTC
End time: Tuesday, October 31, 2023, at 5:30 PM UTC
Root cause: A section of infrastructure, responsible for regulating alerts and observations in Anomaly Threat Detection for the Microsoft Defender for Cloud Apps service, was performing below acceptable performance thresholds, causing alerts and observations to be delayed.
Next steps:
– We’re analyzing performance data and trends on the affected infrastructure that regulates alerts and observations to help prevent this problem from happening again.
This is the final update for the event.
