Alerting if Tenants stop sending data. | Voters

Alerting if Tenants stop sending data.

in progress

James Stull

We need a better alerting system, or at least some kind of notification should you suddenly not get any data from client tenants.

December 15, 2023

Rich Mozeleski

Merged in a post:

Google Workspace Status - ITDR

Ryan Beaman

Can there be some sort of indicator that the API connections are still active to each of my tenants for the google workspace integration? Anything at all, like last pulled log at this date or amount of data ingested so you can monitor if it is actually syncing. Without it you are waiting for an event to happen to know if it is actually pulling data. Overtime, you may not know something broke if you aren't getting alerts based on the current setup.

Also, it would be nice to verify on that screen what account you used to sync for that tenant to verify the correct domain user was used for the correct tenant sync. When I did the setup I think they got flip flopped somehow so I manually did each one again to be sure.

April 4, 2026

Rich Mozeleski

Merged in a post:

Escalation Alert for Unhealthy ITDR Tenant

Dan Parzanese

I noticed that my ITDR tenant was showing as unhealthy, but I did not receive any alert about this issue. It would be beneficial to have an escalation alert system in place that notifies us when a tenant becomes unhealthy, ensuring we can address the problem promptly without having to manually check each client.

April 4, 2026

Rich Mozeleski

Merged in a post:

Tenant Health Alerting

Rich Mozeleski

If you have a broken tenant, we will tell you.

April 4, 2026

Rich Mozeleski

We have plans to improve our tenant health visibility and reporting across both M365 and GWS. As we get closer to release of ITDR for GWS, we'll have a more concrete timeline on some of these improvements.

Jonathan Gibney

Is this still an open item? If a domain stops sending data to you, how do you notify us so that we can take action? Do we need to look at the health status on a daily basis? I was just told by support you do not monitor it and I should put in a request. I see someone did that 12 months ago.

Robert Dana

marked this post as

in progress

We are adding in additional monitoring for errors when we try to access audit logs for a tenant. It turns out that there were a couple of error types we were missing.

Taylor'la Stark'la

Robert Dana Thank you for this!

Jacob Wiley

I had no idea there was no notification if audit logs stopped flowing, this is concerning.

Joshua Topp

Auto ticket logging in the event of a disconnection or failure to respond would be a good start. Can use the PSA to escalate via normal channels.