Forum Discussion
szkoszegi666
Jul 28, 2022Copper Contributor
Create Servicenow tickets only for incidents above Medium Severity
Hi there - I deployed the following Logic App to open Servicenow tickets for Sentinel incidents and it works fine. https://github.com/Azure/Azure-Sentinel/tree/master/Playbooks/Create-SNOW-reco...
SteTanuki
May 10, 2024Copper Contributor
I realise this is super old now but just in case anyone stumbles across this.
The way to resolve this would be to set the criteria at the automation rule level in Sentinel.
Trigger on all incidents where severity == Medium or seveirty == high
This way the playbook will only run when the incidnet hits those criteria in advance
The way to resolve this would be to set the criteria at the automation rule level in Sentinel.
Trigger on all incidents where severity == Medium or seveirty == high
This way the playbook will only run when the incidnet hits those criteria in advance