We are currently investigating ways to improve the experience when we receive duplicate and delayed logs that generate repeat findings for users in the app. This has been observed mainly in the following two integrations:
-
Windows (NXlog/Poshim):
- NXlog has been known to resend old logs, which can generate repeat findings if those logs were related to past activity that already generated a finding.
-
Microsoft 365:
- The M365 API may return duplicate or delayed logs when the system performs daily refreshes. These regularly lead to duplicate findings.
For more information to help troubleshoot these situations while we work on a solution, see Identifying and troubleshooting delayed logs using time fields.