What could be the reason for this kind of behaviour?

An analyst is reviewing a rule that is configured to create an Offense indexed by a uri domain name. But even after validating all the rule conditions, an Offense is not generated.

What could be the reason for this kind of behaviour?
A . Custom property url domain name is empty in the events.
B . Custom property Eventname is empty in the events.
C . Normalized property url domain name is empty in the events.
D . Normalized property Source IP is empty in the events.

View Answer

Answer: B