Forum Discussion
mleung
Mar 16, 2021 | Copper Contributor
E-mail Alert Upon Creation of New Incident
I would like to set up the following: 1) Email alerts any time a new incident is auto-generated "Create incidents based on all alerts generated." template. I've tried using the "When a response...
TeachJing
Mar 16, 2021 | Copper Contributor
The playbook will not run because Sentinel doesn't want to automatically run playbooks if you don't specify it in the analytic rule.
If the incident/alert is automatically created, then you can make an analytic rule and query to filter on a specific incident/alert and then check mark that specific playbook you created.
Now that the analytic rule is created, it will trigger the playbook based on the query parameters you specified.