Forum Discussion
Dean_Gross
Dec 08, 2022Silver Contributor
MDI Health Alerts - Send to Sentinel
What is the best way to ensure that MDI health alerts like "Directory Services Advanced Auditing is not enabled" show as an alert in Sentinel?
Dean_Gross
Jan 02, 2023Silver Contributor
FYI, for anyone else interested in this topic, an approach is described here https://cloudbrothers.info/en/integrate-mdi-health-alerts-microsoft-sentinel/
Docyx
Nov 22, 2023Copper Contributor
Hi everyone
I created an analytics rule based on the Cloudbrother tutorial.
But the problem with this is that we cannot retrieve the name of the DC that has an issue. Is it possible to extract the content of the e-mails or something ?
I would like to be able to add the DC's name to the created incident.
My final goal is to send the health alerts, with the DC concerned into a Microsoft Teams discussion, so if there is an alternative or more direct way to do this I would be happy to know it.
Does anyone have any idea how to do this ?