Troubleshoot missing contributing events for findings in Splunk Enterprise Security
Issue
Contributing events for some findings might be missing.
Cause
Some detections fire on the absence of expected activity rather than on the presence of an event. For example, the "Endpoint - Should Timesync Host Not Syncing - Rule" fires when a host that is expected to synchronize its clock has no successful time synchronization events in the search window, and the "Audit - Expected Host Not Reporting - Rule" fires when a host that is expected to send data has sent none.
Because the finding records that no matching events were seen, the contributing events for such a host can show "No results found": the drill-down searches for the very events whose absence triggered the finding, so there is nothing for it to return.
Solution
You can use the time range picker to expand the time range, which lets you see when the host last produced the expected events and therefore when the gap began. However, "No results found" can persist even over a wide time range if the host never produced those events at all (for example, it never synchronized time or never sent data). In that case the empty result is expected and confirms the finding rather than indicating a problem with the contributing events search.
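The behavior described above, as an added illustration in Python rather than SPL. This is not Splunk's rule logic or data: the events, host names, time windows and the should_timesync flag are constructed for the example. It shows that an absence-based detection produces an empty set of contributing events in the detection window by construction, that expanding the window finds older events for a host that stopped syncing, and that it finds nothing for a host that never synced.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class TimesyncEvent:
    """One time synchronization event. Field names are assumptions for this example,
    loosely modeled on a host/action/_time style record."""
    time: int      # epoch seconds
    host: str
    action: str    # "success" or "failure"


# Hosts that a hypothetical asset list marks as should_timesync=true (constructed).
EXPECTED_HOSTS = {"web01", "db01", "jump01"}

# Constructed sample events, not real data.
SAMPLE_EVENTS = [
    TimesyncEvent(time=1_000, host="web01", action="success"),
    TimesyncEvent(time=4_000, host="web01", action="success"),
    TimesyncEvent(time=1_500, host="db01", action="success"),   # last good sync, long ago
    TimesyncEvent(time=4_100, host="db01", action="failure"),   # syncing fails now
    # jump01 never appears at all: it has never synchronized successfully
]


def hosts_missing_sync(events, expected_hosts, start, end):
    """Absence-based detection: expected hosts with no successful sync in [start, end).

    The result is the set of hosts for which the search found nothing, so a finding
    for any of them is backed by an empty event set in this window."""
    synced = {e.host for e in events if e.action == "success" and start <= e.time < end}
    return sorted(expected_hosts - synced)


def contributing_events(events, host, start, end):
    """What a contributing-events drill-down returns for one host and time range:
    the successful sync events the rule keyed on. For a host flagged by the
    absence detection this is empty within the detection window by construction;
    widening [start, end) may or may not find older events."""
    return [
        e for e in events
        if e.host == host and e.action == "success" and start <= e.time < end
    ]


if __name__ == "__main__":
    window = (3_600, 7_200)           # the detection window
    flagged = hosts_missing_sync(SAMPLE_EVENTS, EXPECTED_HOSTS, *window)
    print("flagged hosts:", flagged)
    for host in flagged:
        print(host, "in window:", contributing_events(SAMPLE_EVENTS, host, *window))
        print(host, "all time:", contributing_events(SAMPLE_EVENTS, host, 0, window[1]))
```

Run stand-alone, the script flags db01 and jump01. Both have no contributing events inside the detection window. Expanding the range to all time recovers db01's last successful sync, which dates the start of the gap, while jump01 still returns nothing because it never synced, which is the persistent "No results found" case the text describes.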