API Power BI Report

Question

Hallo community,&nbsp;i have to build a Power BI Report. I need all incidents and their alerts from Sentinel.Which API can get me the data for all incidents and alerts?I am confused because there are Sentinel Managment API, HTTP Data Connector, Log Analytics and Graph Security API.

clive_watson · Answer

This thread may help if you need a Incident and Alerts type query (as an example you can tweak): https://techcommunity.microsoft.com/t5/microsoft-sentinel/how-to-get-the-real-count-of-incidents-in-microsoft-sentinel/m-p/3102751

clive_watson · Answer

https://docs.microsoft.com/en-us/rest/api/securityinsights/preview/incidents (Alerts are in this list as well)

garybushey · Answer

CanerHan&nbsp;Your best bet is to create the needed query in MS Sentinel's Logs area&nbsp; and then use the Export command in the header to export to PowerBI.&nbsp; It will create a text file that will tell you how to get the data into PowerBI.&nbsp;

Forum Discussion

API Power BI Report

Share

Resources