Forum Discussion
How to generate Sentinel incidents to test playbooks?
Is there a tool or way to generate specific incidents in Sentinel so that we can test playbooks? Right now I am having to actually attempt to brute force a resource to generate an incident, is th...
ReccoB You can use the script found here https://gallery.technet.microsoft.com/PowerShell-script-to-0823e09d with some modifications to upload some dummy data into a custom log, create an analytics rule that looks for that information, and then assign a Playbook to that rule.
Keep in mind that this can only write to a custom log hence the need for a new analytics rule (or change an existing one to look at the custom log)