← Customer 27935348

#30523 Operational | P3 | Potential Issue with Microsoft to Blumira Log Flow @ Blue Mountain Clinic

New-Blumira Created Dec 14, 2024, 2:58 AM
System (internal) Dec 14, 2024, 2:58 AM 
Created from Lead: https://artichoke.shield.syncromsp.com/leads/29365114/convert
Check-in (internal) Dec 14, 2024, 2:58 AM 
[embedded image](https://www.blumira.com/)

Operational | P3 | Potential Issue with Microsoft to Blumira Log Flow @ Blue Mountain Clinic

Blumira has detected Potential Issue with Microsoft to Blumira Log Flow for Blue Mountain Clinic on 2024-12-13 07:57PM MST and triggered action Create Informational Finding for Responders.

Analysis:

An API error has been seen in the connector status of your log flow.

{"error":"Failed to obtain auth token or start subscriptions. Error: Failed to obtain o365 auth token. Error: AADSTS7000222: The provided client secret keys for app '2e6f94cf-27b4-46e4-b31b-dd92d340efb2' are expired. Visit the Azure portal to create new keys for your app: https://aka.ms/NewClientSecret, or consider using certificate credentials for added security: https://aka.ms/certCreds. Trace ID: 4de0dbb9-05f2-4201-8128-8d6fcd035c00 Correlation ID: 259c8892-493b-4a39-bcdf-c3ba2541308d Timestamp: 2024-12-14 02:32:27Z"}

To restore log flow, please regenerate your API key following [the instructions here.](https://learn.microsoft.com/en-us/defender-endpoint/troubleshoot-siem?view=o365-worldwide#learn-how-to-get-a-new-client-secret)
This log flow issue can be caused when the API key expires as keys can be configured to have a lifetime of up to 24 months. If you run into issues with regenerating your API key, please reach out to support for assistance.

Finding ID: F-24-50-C7E8

Finding Data Source: Microsoft365 Azure AD
Replying to this email does not open a ticket or notify the support team. Please email [email protected] or comment within the Finding.

[Learn More](https://app.blumira.com/120413f6-dfa7-4ba7-8964-11dd90ed9bf2/query/findings/c7e8caba-0c0a-4934-8f3b-27924c10bb40)

[embedded image]

[email protected]
[206 E. Huron Street, Suite 106, Ann Arbor, MI 48104](#)

51866b04-739a-44cc-afe5-8a9717bdd9b2

[embedded image]
Ticket Automation (internal) Dec 14, 2024, 2:58 AM 
Automation Blumira ran on this ticket. Actions: Change Status to New-Blumira