Anomalous DNS Query
Informational
Investigating
ALR-00365 · 2026-07-10T09:31:46Z
Description
DNS query to known DGA-generated domain from AP-WIFI-03. Endpoint Agent matched pattern against threat intelligence feed. User: c.williams.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
09:31:46
Event ingested by SOC365 Engine
09:31:50
EmilyAI triage started — correlation enrichment
09:32:00
EmilyAI confidence: 83% — escalated to human analyst
09:32:08
Alert assigned to analyst: EmilyAI (auto)
09:32:49
Investigation started — querying SIEM and threat intelligence
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00112 | 1h ago | Certificate Anomaly | Low | Open | AP-WIFI-03 |
| ALR-00211 | 3h ago | Anomalous DNS Query | Medium | False Positive | SRV-APP-01 |
| ALR-00159 | 9h ago | Anomalous DNS Query | Informational | Open | WS-PC-006 |
| ALR-00455 | 9h ago | Anomalous DNS Query | Low | Escalated | WS-PC-004 |
| ALR-00389 | 14h ago | Anomalous DNS Query | Informational | False Positive | WS-LAP-011 |