Forum Discussion
punkrokk
Mar 01, 2019 Copper Contributor
API for Sentinel Alerts and Cases
Where can I find docs to query new alerts and cases and interact with them in Azure Sentinel?
GaryBushey
Jul 09, 2021 Bronze Contributor
dinvlad I don't see anything about creating alerts, only incidents. Is there a reason you would rather create an alert?
dinvlad
Jul 10, 2021 Copper Contributor
GaryBushey tbh I'm just looking for a way to "import" alerts, recommendations, findings, security score and compliance reports from Event Hub into either Security Center or Sentinel (I don't really care which one). So far there appears to be no way to do it from what I can tell, other than maybe through Sentinel incidents like you noted. Any other ideas here? Thanks
- GaryBushey Jul 12, 2021 Bronze Contributor
dinvlad The only thing that comes to mind is to create a Logic App that reads the Event Hub and uses the Azure Monitor action to write an entry to a custom log in Azure Sentinel.
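
The custom-log write suggested in the last reply can also be done without a Logic App. This added example (not from the thread or from Microsoft) builds the signed request for the Log Analytics HTTP Data Collector API, which places records in a custom table (`<Log-Type>_CL`) that Sentinel can query. The workspace ID, key, `EventHubFindings` table name and sample events are constructed placeholders.

```python
import base64
import hashlib
import hmac
import json
import re
from email.utils import formatdate

API_PATH = "/api/logs"
API_VERSION = "2016-04-01"

# Constructed placeholders, not real workspace credentials.
SAMPLE_WORKSPACE = "00000000-0000-0000-0000-000000000000"
SAMPLE_KEY = base64.b64encode(b"constructed-demo-key").decode()
# Constructed events standing in for records read from the Event Hub.
SAMPLE_EVENTS = [
    {"TimeGenerated": "2021-07-12T10:00:00Z", "Source": "event-hub",
     "Severity": "High", "Title": "constructed sample finding"},
]


def build_request(workspace_id, shared_key_b64, log_type, records, date=None):
    """Return (url, headers, body) for one Data Collector API POST."""
    # Log-Type becomes the table name (<log_type>_CL): letters, digits, underscore only.
    if not re.fullmatch(r"[A-Za-z0-9_]{1,100}", log_type):
        raise ValueError("invalid Log-Type: " + repr(log_type))
    body = json.dumps(records).encode("utf-8")
    date = date or formatdate(usegmt=True)  # RFC 1123 date, also sent as x-ms-date
    # The signature covers method, body length, content type, date and resource path.
    string_to_sign = f"POST\n{len(body)}\napplication/json\nx-ms-date:{date}\n{API_PATH}"
    digest = hmac.new(base64.b64decode(shared_key_b64),
                      string_to_sign.encode("utf-8"), hashlib.sha256).digest()
    headers = {
        "Content-Type": "application/json",
        "Authorization": f"SharedKey {workspace_id}:{base64.b64encode(digest).decode()}",
        "Log-Type": log_type,
        "x-ms-date": date,
        "time-generated-field": "TimeGenerated",  # field holding the event timestamp
    }
    url = f"https://{workspace_id}.ods.opinsights.azure.com{API_PATH}?api-version={API_VERSION}"
    return url, headers, body


if __name__ == "__main__":
    url, headers, body = build_request(
        SAMPLE_WORKSPACE, SAMPLE_KEY, "EventHubFindings", SAMPLE_EVENTS)
    print(url)
    print({k: v for k, v in headers.items() if k != "Authorization"})
```

Send `body` with `headers` to `url` using any HTTP client. The shared key grants write access to the workspace, so load it from a secret store rather than from source.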