Result in the Sentinel GUI (Incidents) / No results in logs (query)
Hey guys,
I have a problem understanding how Sentinel works. In my Sentinel, I can search for incidents dating back to the year 2022. However, when I try to find the same incidents with a Kusto query, it returns no results. Interestingly, when I attach a tag to one of these old incidents, it pops up in my query search. It feels like there are other tables that we cannot query or some settings are not correctly configured in my instance.
Does anyone know where I can find some information about this issue?
Big thanks,
Joe