Unfortunately, we cannot see these activities on the Timeline page during the 8-day learning period as explained in the documentation. However, from what I read in the same documentation, we should be able to see the activities in the "Logical Activities timeline". However, we are not getting this information. I did the same test in another tenant and the result is the same. I even looked in the local ATP sensor log files that is in the DC and there's no information about these events.
Am I missing something or is there an issue with this?
Also, is there a way to change the learning period for some of the alerts to possibly reduce the duration?
PS: we are getting some other activities in the Timeline page (activities that doesn't require a learning period)
Thanks
We support Ukraine and condemn war. Push Russian government to act against war. Be brave, vocal and show your support to Ukraine. Follow the latest news HERE
