← Customer 27935348

#30478 Operational | P3 | Potential Issue with Microsoft to Blumira Log Flow @ Blue Mountain Clinic

New-Blumira Created Dec 11, 2024, 2:22 AM
System (internal) Dec 11, 2024, 2:22 AM 
Created from Lead: https://artichoke.shield.syncromsp.com/leads/29298547/convert
Check-in (internal) Dec 11, 2024, 2:22 AM 
[embedded image](https://www.blumira.com/)

Operational | P3 | Potential Issue with Microsoft to Blumira Log Flow @ Blue Mountain Clinic

Blumira has detected Potential Issue with Microsoft to Blumira Log Flow for Blue Mountain Clinic on 2024-12-10 07:21PM MST and triggered action Create Informational Finding for Responders.

Analysis:

An API error has been seen in the connector status of your log flow.

{"error":"Failed to obtain auth token or start subscriptions. Error: Failed to obtain o365 auth token. Error: AADSTS7000222: The provided client secret keys for app '2e6f94cf-27b4-46e4-b31b-dd92d340efb2' are expired. Visit the Azure portal to create new keys for your app: https://aka.ms/NewClientSecret, or consider using certificate credentials for added security: https://aka.ms/certCreds. Trace ID: c067db1e-49d4-46f5-a666-46953af81800 Correlation ID: d29766be-a7dc-4a93-a8fb-878ea9e6cdc8 Timestamp: 2024-12-11 01:56:51Z"}

To restore log flow, please regenerate your API key following [the instructions here.](https://learn.microsoft.com/en-us/defender-endpoint/troubleshoot-siem?view=o365-worldwide#learn-how-to-get-a-new-client-secret)
This log flow issue can be caused when the API key expires as keys can be configured to have a lifetime of up to 24 months. If you run into issues with regenerating your API key, please reach out to support for assistance.

Finding ID: F-24-50-C512

Finding Data Source: Microsoft365 Azure AD
Replying to this email does not open a ticket or notify the support team. Please email [email protected] or comment within the Finding.

[Learn More](https://app.blumira.com/120413f6-dfa7-4ba7-8964-11dd90ed9bf2/query/findings/c51209b2-fad4-48e3-a361-0d0320ba1a50)

[embedded image]

[email protected]
[206 E. Huron Street, Suite 106, Ann Arbor, MI 48104](#)

5849c146-676c-47a8-a765-15ad46fa7a35

[embedded image]
Ticket Automation (internal) Dec 11, 2024, 2:22 AM 
Automation Blumira ran on this ticket. Actions: Change Status to New-Blumira