I have a Output to Azure Sentinel. I reboot, it work then stop working for a unknown reason. I have a bunch of ERROR.SUBMIT
How do I troubleshoot that ?
Solved! Go to Solution.
Are the error.submit increasing? if not, it could have been a transient error on the API side.
For details check the minemeld-engine.log file: System > Engine > Logs
I am getting this error. I have validated and this indicatorID is present in Sentinel. MineMeld tries many time to query the same ID. I think it doesn't move to the next IOC until the error is cleared, which never happen
2019-08-16T13:55:41 (100542)node._push_loop ERROR: AzureSentinelV3 - error submitting indicators - 400 Client Error: Bad Request for url: https://graph.microsoft.com/beta/security/tiIndicators/9F7A051D71B8052134AAAFC52AF541B4253C2DA4A7C78...
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The Live Community thanks you for your participation!