I'm currently using McAfee Nitro ESM 9.6.3 MR and recently came across an issue where only the users who are admins, or have been granted the admin privilege are able to view the new incoming alarms. But the users who are not admin( as well as no admin privilege) are unable to view those alarms.
For them they are able to view alarms back in some date, around a month back. Probably when the issue started.
I tried investigating into this issue, and what I felt like there is some sort of error in the ESM database. Now really not sure of that though. My colleagues even suggested that could be an issue at the AD end. But again to what they suggested I can't agree as if it were something related to AD how could it affect any property of the SIEM. Since both AD and SIEM are independent in terms of their existence, except we only define user type on SIEM for entities available on AD.
I need help on how exactly I could troubleshoot such an issue.