This alert is triggered when Sentinel can no long detect Security Event log entries from a Windows log source (in the last 1 hour).
System monitoring impact
MITRE ATT&CK Tactics
Windows server has been decommissioned (planned change)
1. Customer needs to investigate on the Windows server if Microsoft Monitoring Agent is stopped or misconfigured
2. Notify MSSP provider to this server from Azure Sentinel monitoring scope ( applicable if server has been decommissioned)