Managed Sentinel – Alert 198

Alert IDMS-A198
Alert NameRare subscription-level operations in Azure
DescriptionThis alert looks for sensitive subscription-level events based on Azure Activity Logs.
Severity LevelLow
Threat Indicator
MITRE ATT&CK TacticsDefense Evasion
Discovery
Log sourcesAzureActivity
False Positives
Recommendations