← Customer 27935348

#30463 Operational | P3 | Potential Issue with Microsoft to Blumira Log Flow @ Blue Mountain Clinic

New-Blumira Created Dec 10, 2024, 2:01 AM
System (internal) Dec 10, 2024, 2:01 AM 
Created from Lead: https://artichoke.shield.syncromsp.com/leads/29273585/convert
Check-in (internal) Dec 10, 2024, 2:01 AM 
[embedded image](https://www.blumira.com/)

Operational | P3 | Potential Issue with Microsoft to Blumira Log Flow @ Blue Mountain Clinic

Blumira has detected Potential Issue with Microsoft to Blumira Log Flow for Blue Mountain Clinic on 2024-12-09 07:01PM MST and triggered action Create Informational Finding for Responders.

Analysis:

An API error has been seen in the connector status of your log flow.

{"error":"Failed to obtain auth token or start subscriptions. Error: Failed to obtain o365 auth token. Error: AADSTS7000222: The provided client secret keys for app '2e6f94cf-27b4-46e4-b31b-dd92d340efb2' are expired. Visit the Azure portal to create new keys for your app: https://aka.ms/NewClientSecret, or consider using certificate credentials for added security: https://aka.ms/certCreds. Trace ID: 60a29d19-8457-4bd0-824e-6c0738975000 Correlation ID: cb2b050e-7442-4a43-b050-595289be7504 Timestamp: 2024-12-10 01:36:22Z"}

To restore log flow, please regenerate your API key following [the instructions here.](https://learn.microsoft.com/en-us/defender-endpoint/troubleshoot-siem?view=o365-worldwide#learn-how-to-get-a-new-client-secret)
This log flow issue can be caused when the API key expires as keys can be configured to have a lifetime of up to 24 months. If you run into issues with regenerating your API key, please reach out to support for assistance.

Finding ID: F-24-50-BBA5

Finding Data Source: Microsoft365 Azure AD
Replying to this email does not open a ticket or notify the support team. Please email [email protected] or comment within the Finding.

[Learn More](https://app.blumira.com/120413f6-dfa7-4ba7-8964-11dd90ed9bf2/query/findings/bba50201-e128-466d-9b3d-c3cb84a1a569)

[embedded image]

[email protected]
[206 E. Huron Street, Suite 106, Ann Arbor, MI 48104](#)

4c2e4fd8-73c6-4cdc-87ee-53ae90bf6368

[embedded image]
Ticket Automation (internal) Dec 10, 2024, 2:01 AM 
Automation Blumira ran on this ticket. Actions: Change Status to New-Blumira