SIEM - Delayed Investigation Creation

Incident Report for Rapid7

Resolved

Update: Replay of impacted alerts for all regions has been completed.
Posted May 05, 2026 - 16:43 UTC

Update

Update: Replay of impacted alerts for the CA and AP regions has been completed.
Posted May 05, 2026 - 15:58 UTC

Update

Update: For Managed Detection and Response (MDR) customers, Rapid7 Managed alerts were not impacted. However, Custom and Contextual alerts (not triaged by the Rapid7 SOC) may have experienced delays in Investigation creation during this time window.
Posted May 05, 2026 - 15:08 UTC

Identified

We have identified an issue that caused delays in the creation of Investigations for SIEM (InsightIDR) and Managed Detection and Response customers. A fix has been deployed.

Investigations that should have been created between 11:25 and 13:50 UTC on May 5, 2026 may still be delayed. We are actively replaying impacted alerts and working to ensure all missing Investigations are generated as quickly as possible.
Posted May 05, 2026 - 14:48 UTC
This incident affected: SIEM (AP) (Data Processing), SIEM (AU) (Data Processing), SIEM (EU) (Data Processing), SIEM (CA) (Data Processing), SIEM (US3) (Data Processing), SIEM (US2) (Data Processing), and SIEM (US1) (Data Processing).
Current Status Powered by Atlassian Statuspage
UTC