Folks, I need urgent help. I am trying to configure security analytics (mostly Okta and M365 rules + custom ones from SigmaHQ), but it is not working. I am confident the detection rules are correct. I have reindexed twice, but still, all I got is two “NoOp trigger” alerts.
Does someone have any clue on what could be happening? I mean, I can search for the event types and find what I want, but security analytics doesn’t seem to be working at all.