| DisplayName | ID | Target | Category | Enabled | Alert Generate |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.AbnormalBehaviorSuspiciousActivity](/images/Rule.png) | Regra de Alerta de Atividade Suspeita de Comportamento Anormal | Microsoft.AdvancedThreatAnalytics.1_8.Center.AbnormalBehaviorSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.AbnormalProtocolSuspiciousActivity](/images/Rule.png) | Regra de Alerta de Atividade Suspeita de Protocolo Anormal | Microsoft.AdvancedThreatAnalytics.1_8.Center.AbnormalProtocolSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.AbnormalSensitiveGroupMembershipChangeSuspiciousActivity](/images/Rule.png) | Regra de Alerta de Atividade Suspeita de Alteração de Associação a um Grupo Confidencial Anormal | Microsoft.AdvancedThreatAnalytics.1_8.Center.AbnormalSensitiveGroupMembershipChangeSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.AbnormalVpnSuspiciousActivity](/images/Rule.png) | Regra de Alerta de Atividade Suspeita de Vpn Anormal | Microsoft.AdvancedThreatAnalytics.1_8.Center.AbnormalVpnSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.AccountEnumerationSuspiciousActivity](/images/Rule.png) | Regra de Alerta de Atividade Suspeita de Enumeração de Conta | Microsoft.AdvancedThreatAnalytics.1_8.Center.AccountEnumerationSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.BruteForceSuspiciousActivity](/images/Rule.png) | Regra de Alerta de Atividade Suspeita de Força Bruta | Microsoft.AdvancedThreatAnalytics.1_8.Center.BruteForceSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.CenterDatabaseDataDriveFreeSpaceMonitoringAlert](/images/Rule.png) | ATA 1.8 - Regra de Alertas de Monitoramento do Espaço Livre na Unidade de Dados do Banco de Dados do Center | Microsoft.AdvancedThreatAnalytics.1_8.Center.CenterDatabaseDataDriveFreeSpaceMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | AvailabilityHealth | True | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.CenterDatabaseDisconnectedMonitoringAlert](/images/Rule.png) | ATA 1.8 - Regra de Alertas de Monitoramento do Banco de Dados do Centro Desconectado | Microsoft.AdvancedThreatAnalytics.1_8.Center.CenterDatabaseDisconnectedMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | AvailabilityHealth | True | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.CenterExternalIpAddressResolutionFailureMonitoringAlert](/images/Rule.png) | ATA 1.8 - Regra de Alertas de Monitoramento de Falhas de Resolução de Endereço IP Externo do Centro | Microsoft.AdvancedThreatAnalytics.1_8.Center.CenterExternalIpAddressResolutionFailureMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | AvailabilityHealth | True | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.CenterMailMonitoringAlert](/images/Rule.png) | ATA 1.8 - Regra de Alertas de Monitoramento de Email | Microsoft.AdvancedThreatAnalytics.1_8.Center.CenterMailMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | ConfigurationHealth | True | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.CenterNotReceivingTrafficMonitoringAlert](/images/Rule.png) | ATA 1.8 - Regra de Alertas de Monitoramento de Centro Não Recebendo Tráfego | Microsoft.AdvancedThreatAnalytics.1_8.Center.CenterNotReceivingTrafficMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | AvailabilityHealth | True | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.CenterOverloadedMonitoringAlert](/images/Rule.png) | ATA 1.8 - Regra de Alertas de Monitoramento do Centro Sobrecarregado | Microsoft.AdvancedThreatAnalytics.1_8.Center.CenterOverloadedMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.CenterSyslogMonitoringAlert](/images/Rule.png) | ATA 1.8 - Regra de Alertas de Monitoramento Syslog Center | Microsoft.AdvancedThreatAnalytics.1_8.Center.CenterSyslogMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | ConfigurationHealth | True | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.CertificateExpiryMonitoringAlert](/images/Rule.png) | ATA 1.8 - Regra de Alertas de Monitoramento de Vencimento do Certificado | Microsoft.AdvancedThreatAnalytics.1_8.Center.CertificateExpiryMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | ConfigurationHealth | True | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.ComputerPreauthenticationFailedSuspiciousActivity](/images/Rule.png) | Regra de Alerta de Atividade Suspeita de Falha de Pré-autenticação de Computador | Microsoft.AdvancedThreatAnalytics.1_8.Center.ComputerPreauthenticationFailedSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseAtSvcBlockSize](/images/Rule.png) | Tamanho do Bloco do AtSVC do Banco de Dados | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseAtSvcBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseDirectoryServicesActivityBlockSize](/images/Rule.png) | Tamanho de Bloco DirectoryServicesActivity do Banco de Dados | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseDirectoryServicesActivityBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseDnsBlockSize](/images/Rule.png) | Tamanho do Bloco do DNS do Banco de Dados | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseDnsBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseDrsrBlockSize](/images/Rule.png) | Tamanho do Bloco do DRSR do Banco de Dados | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseDrsrBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseKerberosApBlockSize](/images/Rule.png) | Tamanho do Bloco do KerberosAP do Banco de Dados | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseKerberosApBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseKerberosAsBlockSize](/images/Rule.png) | Tamanho do Bloco do KerberosAS do Banco de Dados | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseKerberosAsBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseKerberosTgsBlockSize](/images/Rule.png) | Tamanho do Bloco do KerberosTGS do Banco de Dados | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseKerberosTgsBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseLdapBlockSize](/images/Rule.png) | Tamanho do Bloco do LDAP do Banco de Dados | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseLdapBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseLsaRpcBlockSize](/images/Rule.png) | Tamanho do Bloco do LsaRPC do Banco de Dados | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseLsaRpcBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseNetlogonBlockSize](/images/Rule.png) | Tamanho do Bloco do Netlogon do Banco de Dados | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseNetlogonBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseNtlmBlockSize](/images/Rule.png) | Tamanho do Bloco do NTLM do Banco de Dados | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseNtlmBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseNtlmEventBlockSize](/images/Rule.png) | Tamanho do Bloco do NTLMEvent do Banco de Dados | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseNtlmEventBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseServiceControlBlockSize](/images/Rule.png) | Tamanho do Bloco do ServiceControl do Banco de Dados | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseServiceControlBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseSmbBlockSize](/images/Rule.png) | Tamanho do Bloco do SMB do Banco de Dados | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseSmbBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseSrvSvcBlockSize](/images/Rule.png) | Tamanho do Bloco do SrvSVC do Banco de Dados | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseSrvSvcBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseTaskSchedulerBlockSize](/images/Rule.png) | Tamanho do Bloco do TaskScheduler do Banco de Dados | Microsoft.AdvancedThreatAnalytics.1_8.Center.DatabaseTaskSchedulerBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.DirectoryServicesReplicationSuspiciousActivity](/images/Rule.png) | Regra de Alerta de Atividade Suspeita de Replicação de Serviços de Diretório | Microsoft.AdvancedThreatAnalytics.1_8.Center.DirectoryServicesReplicationSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.DnsReconnaissanceSuspiciousActivity](/images/Rule.png) | Regra de Alerta de Atividade Suspeita de Reconhecimento de DNS | Microsoft.AdvancedThreatAnalytics.1_8.Center.DnsReconnaissanceSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.EncryptionDowngradeSuspiciousActivity](/images/Rule.png) | Regra de Alerta de Atividade Suspeita de Downgrade de Criptografia | Microsoft.AdvancedThreatAnalytics.1_8.Center.EncryptionDowngradeSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.EntityProfilerNetworkActivityBlockSize](/images/Rule.png) | Tamanho do Bloco de Atividade de Rede de EntityProfiler | Microsoft.AdvancedThreatAnalytics.1_8.Center.EntityProfilerNetworkActivityBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.EntityReceiverEntityBatchBlockSize](/images/Rule.png) | Tamanho do Bloco do Lote de Entidade de EntityReceiver | Microsoft.AdvancedThreatAnalytics.1_8.Center.EntityReceiverEntityBatchBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.EnumerateSessionsSuspiciousActivity](/images/Rule.png) | Regra de Alerta de Atividade Suspeita de Downgrade de Criptografia (Tíquete Dourado) | Microsoft.AdvancedThreatAnalytics.1_8.Center.EnumerateSessionsSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.ForgedPacSuspiciousActivity](/images/Rule.png) | Regra de Alerta de Atividade Suspeita de Downgrade de Criptografia (Ultrapassagem de Hash) | Microsoft.AdvancedThreatAnalytics.1_8.Center.ForgedPacSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayCaptureNetworkAdapterFaultedMonitoringAlert](/images/Rule.png) | ATA 1.8 - Regra de Alertas de Monitoramento de Adaptador de Rede de Captura de Gateway Com Falha | Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayCaptureNetworkAdapterFaultedMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | AvailabilityHealth | True | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayCaptureNetworkAdapterMissingMonitoringAlert](/images/Rule.png) | ATA 1.8 - Regra de Alertas de Monitoramento de Adaptador de Rede de Captura de Gateway Ausente | Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayCaptureNetworkAdapterMissingMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | ConfigurationHealth | True | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayDirectoryServicesClientAccountPasswordExpiryMonitoringAlert](/images/Rule.png) | ATA 1.8 - Regra de Alertas de Monitoramento de Expiração de Senha de Conta de Cliente de Serviços de Diretório do Gateway | Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayDirectoryServicesClientAccountPasswordExpiryMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | ConfigurationHealth | True | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayDirectoryServicesClientConnectivityMonitoringAlert](/images/Rule.png) | ATA 1.8 - Regra de Alertas de Monitoramento de Conectividade de Cliente de Serviços de Diretóro de Gateway | Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayDirectoryServicesClientConnectivityMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | AvailabilityHealth | True | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayDisconnectedMonitoringAlert](/images/Rule.png) | ATA 1.8 - Regra de Alertas de Monitoramento de Gateway Desconectado | Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayDisconnectedMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | AvailabilityHealth | True | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayDomainSynchronizerNotAssignedMonitoringAlert](/images/Rule.png) | ATA 1.8 - Regra de Alertas de Monitoramento Não Atribuído de Sincronizador de Domínios do Gateway | Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayDomainSynchronizerNotAssignedMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | ConfigurationHealth | True | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayLowMemoryMonitoringAlert](/images/Rule.png) | ATA 1.8 - Regra de Alertas de Monitoramento de Baixa Memória de Gateway | Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayLowMemoryMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayOverloadedEventActivitiesMonitoringAlert](/images/Rule.png) | ATA 1.8 - Regra de Alertas de Monitoramento de Atividades de Eventos de Gateway Sobrecarregado | Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayOverloadedEventActivitiesMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayOverloadedNetworkActivitiesMonitoringAlert](/images/Rule.png) | ATA 1.8 - Regra de Alertas de Monitoramento de Atividades de Rede de Gateway Sobrecarregado | Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayOverloadedNetworkActivitiesMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceHealth | True | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayRadiusEventListenerMonitoringAlert](/images/Rule.png) | ATA 1.8 - Regra de Alertas de Monitoramento de Ouvinte de Eventos de Raio de Gateway | Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayRadiusEventListenerMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | AvailabilityHealth | True | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewaysOutdatedMonitoringAlert](/images/Rule.png) | ATA 1.8 - Regra de Alertas de Monitoramento de Gateways Desatualizado | Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewaysOutdatedMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | ConfigurationHealth | True | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayStartFailureMonitoringAlert](/images/Rule.png) | ATA 1.8 - Regra de Alertas de Monitoramento de Falha Inicial de Gateway | Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewayStartFailureMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | AvailabilityHealth | True | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewaySyslogEventListenerMonitoringAlert](/images/Rule.png) | ATA 1.8 - Regra de Alertas de Monitoramento de Ouvinte de Eventos de Syslog do Gateway | Microsoft.AdvancedThreatAnalytics.1_8.Center.GatewaySyslogEventListenerMonitoringAlert | Microsoft.AdvancedThreatAnalytics.1_8.Center | AvailabilityHealth | True | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.GoldenTicketSuspiciousActivity](/images/Rule.png) | Regra de Alerta de Atividade Suspeita de Downgrade de Criptografia (Chave de Esqueleto) | Microsoft.AdvancedThreatAnalytics.1_8.Center.GoldenTicketSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.HoneytokenActivitySuspiciousActivity](/images/Rule.png) | Regra de Alerta de Atividade Suspeita de Enumeração de Sessões | Microsoft.AdvancedThreatAnalytics.1_8.Center.HoneytokenActivitySuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.LdapBruteForceSuspiciousActivity](/images/Rule.png) | Regra de Alerta de Atividade Suspeita de Pacote Falsificado | Microsoft.AdvancedThreatAnalytics.1_8.Center.LdapBruteForceSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.LdapCleartextPasswordSuspiciousActivity](/images/Rule.png) | Regra de Alerta de Atividade Suspeita de Atividade de HoneyToken | Microsoft.AdvancedThreatAnalytics.1_8.Center.LdapCleartextPasswordSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.MassiveObjectDeletionSuspiciousActivity](/images/Rule.png) | Regra de Alerta de Atividade Suspeita de Senha Não Criptografada de Enlace Simples LDAP | Microsoft.AdvancedThreatAnalytics.1_8.Center.MassiveObjectDeletionSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.NetworkActivityProcessorNetworkActivityBlockSize](/images/Rule.png) | Tamanho do Bloco da Atividade de Rede de NetworkActivityProcessor | Microsoft.AdvancedThreatAnalytics.1_8.Center.NetworkActivityProcessorNetworkActivityBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Center | PerformanceCollection | True | False |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.PassTheHashSuspiciousActivity](/images/Rule.png) | Regra de Alerta de Atividade Suspeita de Exclusão Intensa de Objetos | Microsoft.AdvancedThreatAnalytics.1_8.Center.PassTheHashSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.PassTheTicketSuspiciousActivity](/images/Rule.png) | Regra de Alerta de Atividade Suspeita de Passagem de Hash | Microsoft.AdvancedThreatAnalytics.1_8.Center.PassTheTicketSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.RemoteExecutionSuspiciousActivity](/images/Rule.png) | Regra de Alerta de Atividade Suspeita de Passagem de Tíquete | Microsoft.AdvancedThreatAnalytics.1_8.Center.RemoteExecutionSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.RetrieveDataProtectionBackupKeySuspiciousActivity](/images/Rule.png) | Regra de Alerta de Atividade Suspeita de Execução Remota | Microsoft.AdvancedThreatAnalytics.1_8.Center.RetrieveDataProtectionBackupKeySuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.SamrReconnaissanceSuspiciousActivity](/images/Rule.png) | Regra de Alerta de Atividade Suspeita de Recuperação de Chave de Backup de Proteção de Dados | Microsoft.AdvancedThreatAnalytics.1_8.Center.SamrReconnaissanceSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Gateway.ActiveDirectoryAuthenticationFailure](/images/Rule.png) | O Gateway do ATA Falhou ao se Autenticar no Controlador de Domínio | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.ActiveDirectoryAuthenticationFailure | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Gateway.CountersDisabled](/images/Rule.png) | Os contadores podem estar desabilitados no Registro | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.CountersDisabled | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Gateway.EntityResolverActivityBlockSize](/images/Rule.png) | Tamanho do Bloco de Atividade de EntityResolver | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.EntityResolverActivityBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceCollection | True | False |
![Microsoft.AdvancedThreatAnalytics.1_8.Gateway.EntitySenderEntityBatchBlockSize](/images/Rule.png) | Tamanho do Bloco do Lote de Entidade de EntitySender | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.EntitySenderEntityBatchBlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceCollection | True | False |
![Microsoft.AdvancedThreatAnalytics.1_8.Gateway.EntitySenderEntityBatchSendTime](/images/Rule.png) | Hora de Envio do Lote de Entidade de EntitySender | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.EntitySenderEntityBatchSendTime | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceCollection | True | False |
![Microsoft.AdvancedThreatAnalytics.1_8.Gateway.FailedToAuthenticateAgainstCenter](/images/Rule.png) | O Gateway do ATA Falhou ao se Autenticar no Centro | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.FailedToAuthenticateAgainstCenter | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Gateway.FailedToEstablishConnectionToCenter](/images/Rule.png) | O Gateway do ATA falhou ao estabelecer conexão ao Centro do ATA | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.FailedToEstablishConnectionToCenter | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Gateway.FailedToParseSyslog](/images/Rule.png) | O Gateway do ATA Falhou ao Analisar Mensagem de Syslog do SIEM | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.FailedToParseSyslog | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Gateway.FailedToQueryDCUsingLDAPProtocol](/images/Rule.png) | Gateway do ATA falhou ao consultar o controlador de domínio usando o protocolo LDAP | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.FailedToQueryDCUsingLDAPProtocol | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Gateway.FailedToSynchronizeConfigurationFromCenter](/images/Rule.png) | O Gateway do ATA falhou ao sincronizar a configuração desde o Centro do ATA | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.FailedToSynchronizeConfigurationFromCenter | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Gateway.FailedToValidateCenterCertificateChain](/images/Rule.png) | O Gateway do ATA Falhou ao Validar a Cadeia de Certificados do Centro | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.FailedToValidateCenterCertificateChain | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Gateway.GatewayDoesNotHaveEnoughMemory](/images/Rule.png) | O Gateway do ATA não tem memória suficiente | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.GatewayDoesNotHaveEnoughMemory | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Gateway.GatewayUpdaterResourceManagerCommitMemoryMaxSize](/images/Rule.png) | Tamanho Máx de Memória Comprometida do GatewayUpdaterResourceManager | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.GatewayUpdaterResourceManagerCommitMemoryMaxSize | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceCollection | True | False |
![Microsoft.AdvancedThreatAnalytics.1_8.Gateway.GatewayUpdaterResourceManagerCPUTimeMax_](/images/Rule.png) | \% Máx de Tempo de CPU do GatewayUpdaterResourceManager | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.GatewayUpdaterResourceManagerCPUTimeMax_ | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceCollection | True | False |
![Microsoft.AdvancedThreatAnalytics.1_8.Gateway.GatewayUpdaterResourceManagerWorkingSetLimitSize](/images/Rule.png) | Tamanho Limite Definido de Trabalho do GatewayUpdaterResourceManager | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.GatewayUpdaterResourceManagerWorkingSetLimitSize | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceCollection | True | False |
![Microsoft.AdvancedThreatAnalytics.1_8.Gateway.HostEntryInHOSTSFile](/images/Rule.png) | Há uma entrada de host no arquivo HOSTS apontando para o shortname do computador | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.HostEntryInHOSTSFile | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Gateway.MessageAnalyzerIsInstalledOnGateway](/images/Rule.png) | O Analisador de Mensagem está instalado no Gateway ATA | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.MessageAnalyzerIsInstalledOnGateway | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Gateway.NetworkActivityTranslatorMessageData0BlockSize](/images/Rule.png) | Tamanho do Bloco 0 de Dados de Mensagem de NetworkActivityTranslator | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.NetworkActivityTranslatorMessageData0BlockSize | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceCollection | True | False |
![Microsoft.AdvancedThreatAnalytics.1_8.Gateway.NetworkListenerETWDroppedEvents_Sec](/images/Rule.png) | NetworkListener ETW Ignorou Eventos/s | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.NetworkListenerETWDroppedEvents_Sec | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceCollection | True | False |
![Microsoft.AdvancedThreatAnalytics.1_8.Gateway.NetworkListenerPEFDroppedEvents_Sec](/images/Rule.png) | NetworkListener PEF Ignorou Eventos/s | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.NetworkListenerPEFDroppedEvents_Sec | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceCollection | True | False |
![Microsoft.AdvancedThreatAnalytics.1_8.Gateway.NetworkListenerPEFParsedMessages_Sec](/images/Rule.png) | Mensagens Analisadas PEF do NetworkListener/S | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.NetworkListenerPEFParsedMessages_Sec | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | PerformanceCollection | True | False |
![Microsoft.AdvancedThreatAnalytics.1_8.Gateway.OtherPendingInstallations](/images/Rule.png) | Há outras instalações pendentes em seu computador | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.OtherPendingInstallations | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Gateway.PEFWasNotInstalledCorrectly](/images/Rule.png) | O PEF (Analisador de Mensagens) não foi instalado corretamente | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.PEFWasNotInstalledCorrectly | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Gateway.PIDsWasEnabledForProcessNamesInGateway](/images/Rule.png) | Os PIDs foram habilitados para processar nomes no Gateway do ATA | Microsoft.AdvancedThreatAnalytics.1_8.Gateway.PIDsWasEnabledForProcessNamesInGateway | Microsoft.AdvancedThreatAnalytics.1_8.Gateway | AvailabilityHealth | True | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.EncryptionDowngradeGoldenTicketSuspiciousActivity](/images/Rule.png) | Microsoft.AdvancedThreatAnalytics.1_8.Center.EncryptionDowngradeGoldenTicketSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center.EncryptionDowngradeGoldenTicketSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.EncryptionDowngradeOverPasstheHashSuspiciousActivity](/images/Rule.png) | Microsoft.AdvancedThreatAnalytics.1_8.Center.EncryptionDowngradeOverPasstheHashSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center.EncryptionDowngradeOverPasstheHashSuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |
![Microsoft.AdvancedThreatAnalytics.1_8.Center.EncryptionDowngradeSkeletonKeySuspiciousActivity](/images/Rule.png) | Microsoft.AdvancedThreatAnalytics.1_8.Center.EncryptionDowngradeSkeletonKeySuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center.EncryptionDowngradeSkeletonKeySuspiciousActivity | Microsoft.AdvancedThreatAnalytics.1_8.Center | SecurityHealth | False | True |