Forum Discussion
Solved
Easiest way to view remediated risk detections?
I'm looking in Lighthouse at a series of risky logins that are remediated. The thing is, this tenant previously experienced a breach that got remediated, so I'm trying to be extra cautious.
When I click "View in Entra", it brings up no risk detections. If I navigate to Protection > Risky Activities > Risky Sign-Ins I get nothing. Switching to all statuses, I still get nothing. Same thing happens if I got to Risk Detections, nothing.
Short of bringing up each user, and checking every single login to try to find what was risky, is there a way I can see these once the statuses are remediated? It seems like I SHOULD able to... But here are the different ways I've tried filtering
Risk detections:
Risky Sign-Ins
Trying to understand the users popping in Lighthouse, but they don't appear with any of these filters (or the defaults).... Anyone able to advise? THanks
We got a bunch of false positives in the Entra ID Protection Weekly Digest email notifications yesterday, looks like Microsoft might have messed up something. If you are not seeing anything in the Entra portal, just ignore it. You can double-check by verifying the available entries under the Audit log page, which you can filter on the Identity Protection service.
We got a bunch of false positives in the Entra ID Protection Weekly Digest email notifications yesterday, looks like Microsoft might have messed up something. If you are not seeing anything in the Entra portal, just ignore it. You can double-check by verifying the available entries under the Audit log page, which you can filter on the Identity Protection service.
ah that's helpful, thanks Vasil
