Forum Discussion

MiteshAgrawal's avatar
MiteshAgrawal
Brass Contributor
Feb 27, 2020

How to export Incident list from Azure Sentinel?

Hi Team,   We have a requirement to export all incidents generated in Azure Sentinel and update customer with the incident which were false positives, true positives, etc.   How can we achieve th...
GaryBushey's avatar
GaryBushey
Bronze Contributor
Feb 27, 2020

MiteshAgrawal You are correct that you cannot do this via the console.  You can however make some PowerShell calls to get this information.

 

I have a blog post that tells you how to do this: https://www.garybushey.com/2020/01/11/your-first-azure-sentinel-rest-api-call/

 

I also have on that shows you how to export the same data into PowerBI to make some nice charts and graphs: https://www.garybushey.com/2020/01/20/azure-sentinel-incidents-in-powerbi/

MiteshAgrawal's avatar
MiteshAgrawal
Brass Contributor
Feb 27, 2020

Hi GaryBushey ,

 

The links aren't accessible. Please help.


Regards,

Mitesh Agrawal

  • GaryBushey's avatar
    GaryBushey
    Bronze Contributor
    Feb 28, 2020

    MiteshAgrawal  Looks like my server is down.  I'll see about getting it back up.  Thanks for letting me know