Managed Sentinel – Alert 210
| Alert ID | MS-A210 |
| Alert Name | Unusual number of log entries in CommonSecurityLog |
| Description | This alert identifies a significant change in the number of events recorded by a device in the CommonSecurityLog. |
| Severity Level | Informational |
| Threat Indicator | |
| MITRE ATT&CK Tactics | Exfiltration Command And Control |
| Log sources | CommonSecurityLog |
| False Positives | |
| Recommendations |