Forum Discussion
How to generate Sentinel incidents to test playbooks?
Is there a tool or way to generate specific incidents in Sentinel so that we can test playbooks? Right now I am having to actually attempt to brute force a resource to generate an incident, is th...
I found this article interesting on how to test playbooks.
https://azsec.azurewebsites.net/2020/01/19/notify-azure-sentinel-alert-to-your-email-automatically/
https://azsec.azurewebsites.net/2020/01/19/notify-azure-sentinel-alert-to-your-email-automatically/
Singanna Just remember there are two types of playbooks (the incident based ones came out after that article was written) and, as of right now, only those that use the Alert trigger can be triggered manually but those cannot be added to Automation rules.
The playbooks that use the incident trigger cannot be triggered manually but can be added to Automation rules.
- Hi Gary,
Thanks for the clarification.
