Forum Discussion
amitcohen
Microsoft
MicrosoftWebinar: Sentinel IT/OT Threat Monitoring
Join us on Thursday 28.7 for a webinar on Sentinel IT/OT Threat Monitoring with Defender for IoT solution.
Learn how Defender for IoT's built-in integration with Sentinel helps bridge the gap betwe...
amitcohenMicrosoft
MicrosoftHi Dean_Gross ,
It is possible to define in Sentinel whether you want to create a separate incident for each Defender for IoT alert or whether you want to group a few alerts into the same incident.
amitcohen I understand that option exists, I just don't understand why it would be necessary. All of the alerts shown in the demo are obviously part of the same incident, so how come they were not correlated automatically? This is supposed to be one of the key benefits of Sentinel