Title: Some users may encounter delays of up to 12 hours for some alerts and observations in Microsoft Defender for Cloud Apps
User impact: Users may encounter delays of up to 12 hours for some alerts and observations in Microsoft Defender for Cloud Apps.
More info: Impact is specific to all activities generated by the Microsoft Defender for Cloud Apps service for Anomaly Threat Detection alerts.
Current status: After further investigation, we’ve determined the delays may be up to 12 hours and affect observations as well as alerts. The infrastructure performance issue has been mitigated and the backlogged data is continuing to be processed. We anticipate the data will finish processing by our next communication update.
Scope of impact: Impact is specific to users who are served through the affected infrastructure.
Start time: Thursday, October 26, 2023, at 6:00 AM UTC
Root cause: A section of infrastructure responsible for regulating alerts in Anomaly Threat Detection for the Microsoft Defender for Cloud Apps service is performing below acceptable performance thresholds, causing alerts to be delayed.
Next update by: Friday, October 27, 2023, at 11:00 AM UTC
