Managed Sentinel – Alert 085
Alert ID | MS-A085 |
Alert Name | Silent OfficeActivity Workload |
Description | This alert is triggered when an Office 365 workload such as Exchange, SharePoint, OneDrive, etc. has not generated logs in the last 1 hour. Version 1.0 |
Severity Level | Informational |
Threat Indicator | System monitoring impact |
MITRE ATT&CK Tactics | Execution |
Log sources | Office 365 |
False Positives | |
Recommendations | 1. The customer needs to investigate whether the Office 365 Data Connector in Azure Sentinel is stopped or misconfigured. 2. Follow up with the Microsoft technical support team to notify them that O365 logging has stopped working. |
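
One way to express the check described above as a scheduled analytics query. This is an added example, not Managed Sentinel's own rule. It assumes the standard `OfficeActivity` table with its `OfficeWorkload` and `TimeGenerated` columns; the 7-day baseline window and the minimum event count are illustrative assumptions.

```kusto
// Assumption: a workload counts as "expected" if it logged at all in the baseline window.
let baseline = 7d;
// Threshold taken from the alert description: no logs in the last 1 hour.
let silence = 1h;
// Assumption: ignore workloads so quiet that a one-hour gap is normal for them.
let minBaselineEvents = 100;
OfficeActivity
| where TimeGenerated > ago(baseline)
// One row per workload (Exchange, SharePoint, OneDrive, ...) with its newest record.
| summarize LastLog = max(TimeGenerated), BaselineEvents = count() by OfficeWorkload
| where BaselineEvents >= minBaselineEvents
// Keep only workloads whose newest record is older than the silence threshold.
| where LastLog < ago(silence)
| extend SilentFor = now() - LastLog
| project OfficeWorkload, LastLog, SilentFor, BaselineEvents
| order by SilentFor desc
```

The baseline window matters: a query limited to the last hour returns no rows for a silent workload, so the workload has to be learned from older data before its absence can be reported.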