Forum Discussion
can we auto update Watchlist in azure sentinel?
Is there any possible way to update watchlist automatic from some daily updated IOC. Scenario ---> As currently in my organization we have repository where we update IOC in CSV on daily basis, s...
You can use the api to perform the updates https://docs.microsoft.com/en-us/rest/api/securityinsights/watchlists/create-or-update - maybe using Logic Apps (Playbooks), this is an example that uses a Watchlist that you maybe able to adapt