Forum Discussion
Solved
Add comment to incident with IP information
Greetings everyone! I am currently trying to set up a playbook that takes the IP from a incident, looks up this ip(ip lookup or other similar services), and places a comment on the incident regar...
- Hi
The Azure Sentinel Github page is an awesome resource as it's actively maintained by the Sentinel team.
Here are a few examples:
https://github.com/Azure/Azure-Sentinel/tree/master/Playbooks/Get-IPReputation
https://github.com/Azure/Azure-Sentinel/tree/master/Playbooks/Get-GeoFromIpAndTagIncident
https://secureinfra.blog/2020/09/03/how-to-add-geographical-data-for-ip-addresses-to-an-azure-sentinel-incident/
I have been playing around with Logic Apps heavily. So feel free to reply if you are stuck somewhere
Hi
The Azure Sentinel Github page is an awesome resource as it's actively maintained by the Sentinel team.
Here are a few examples:
https://github.com/Azure/Azure-Sentinel/tree/master/Playbooks/Get-IPReputation
https://github.com/Azure/Azure-Sentinel/tree/master/Playbooks/Get-GeoFromIpAndTagIncident
https://secureinfra.blog/2020/09/03/how-to-add-geographical-data-for-ip-addresses-to-an-azure-sentinel-incident/
I have been playing around with Logic Apps heavily. So feel free to reply if you are stuck somewhere
The Azure Sentinel Github page is an awesome resource as it's actively maintained by the Sentinel team.
Here are a few examples:
https://github.com/Azure/Azure-Sentinel/tree/master/Playbooks/Get-IPReputation
https://github.com/Azure/Azure-Sentinel/tree/master/Playbooks/Get-GeoFromIpAndTagIncident
https://secureinfra.blog/2020/09/03/how-to-add-geographical-data-for-ip-addresses-to-an-azure-sentinel-incident/
I have been playing around with Logic Apps heavily. So feel free to reply if you are stuck somewhere
This looks exactly like what i need. Let's see if i can make it work for my environment. Thank you : )
