Anomalous DNS Query
Informational
Investigating
ALR-00457 · 2026-07-09T04:35:38Z
Description
DNS query to known DGA-generated domain from WS-PC-006. EmilyAI Triage matched pattern against threat intelligence feed. User: e.evans.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
04:35:38
Event ingested by SOC365 Engine
04:35:42
EmilyAI triage started — correlation enrichment
04:35:48
EmilyAI confidence: 95% — escalated to human analyst
04:36:05
Alert assigned to analyst: EmilyAI (auto)
04:37:43
Investigation started — querying SIEM and threat intelligence
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00238 | 6h ago | Certificate Anomaly | Informational | False Positive | WS-PC-006 |
| ALR-00099 | 13h ago | Anomalous DNS Query | Low | Resolved | WS-PC-004 |
| ALR-00271 | 1d ago | Anomalous DNS Query | Medium | Resolved | SRV-WEB-01 |
| ALR-00370 | 1d ago | Suspicious Scheduled Task | Informational | Open | WS-PC-006 |
| ALR-00327 | 1d ago | Shadow IT Discovery | Low | Open | WS-PC-006 |