Some admins may experience various delays in the Microsoft Defender for Cloud Apps service

Title: Some admins may experience various delays in the Microsoft Defender for Cloud Apps service

User impact: Admins may have experienced various delays in the Microsoft Defender for Cloud Apps service.

More info: Affected admins may have experienced delayed data population pertaining to alerts and activities for the following scenarios:

– Anomaly detection
– Activity policies
– Activities in the advanced hunting schema
– Activities being shown in the user interface (UI)

Final status: We identified high resource utilization on a portion of Microsoft Defender for Cloud Apps infrastructure that was causing delays with alerts and activities. We restarted resource pipelines for the affected infrastructure and monitored the environment to validate that service was restored.

Scope of impact: This issue may have potentially impacted any admin viewing alerts and activities for the affected scenarios.

Start time: Tuesday, February 27, 2024, at 2:00 AM UTC

End time: Tuesday, February 27, 2024, at 5:41 AM UTC

Root cause: High resource utilization on a portion of Microsoft Defender for Cloud Apps infrastructure was causing delays and activities.

Next steps:
– We’re continuing our analysis of the affected infrastructure to gain better understanding of what triggered the high resource utilization, which will help us with preventing similar situations in the future.

This is the final update for the event.