Forum Discussion
How to Investigate incidents following best practice - Sentinel Automation
I have successfully created a playbook that is supposed to automate investigation in MDE. It will then add a comment to the incident and post a message to me via email.
I then created an automation rule with a condition that checks whether the TITLE of the incident is xxxxxx; if so, it should change the severity of the incident to high and the status to new, and run the created playbook.
To trigger it, I then created an incident named xxxxxx with severity medium and status new.
Results:
The incident changes status from new to active and severity from medium to high, but the playbook did not run or provide me with more details of the incident. Instead, I get this alert message:
The investigation graph requires that your incident includes entities (for example: user, host, IP, etc.). Use the entity mapping option when defining your alerts
while the Investigate button is greyed out.
Kindly advise.
Thank you.
1 Reply
- Clive_Watson (Bronze Contributor)
You need to set at least one entity mapping in the Rule Logic, to make the Investigate button active
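As an added illustration of the reply above (not code from the thread or from Microsoft), here is what "at least one entity mapping in the Rule Logic" looks like when a Sentinel scheduled analytics rule is deployed as an ARM resource. The `entityMappings` block ties query output columns to entity identifiers, so every incident the rule creates carries an Account and a Host entity and the Investigate button is available. The workspace parameter name, the rule name, the KQL query (failed logons per account and host) and the API version are assumptions chosen for this example; only the `entityMappings` structure is the point.

```json
{
  "type": "Microsoft.SecurityInsights/alertRules",
  "apiVersion": "2023-02-01",
  "kind": "Scheduled",
  "name": "example-failed-logons-rule",
  "scope": "[resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspaceName'))]",
  "properties": {
    "displayName": "xxxxxx",
    "description": "Example rule: repeated failed logons per account and host (constructed for illustration).",
    "enabled": true,
    "severity": "Medium",
    "query": "SecurityEvent | where EventID == 4625 | summarize FailedCount = count() by TargetUserName, Computer | where FailedCount > 10",
    "queryFrequency": "PT1H",
    "queryPeriod": "PT1H",
    "triggerOperator": "GreaterThan",
    "triggerThreshold": 0,
    "suppressionEnabled": false,
    "suppressionDuration": "PT1H",
    "tactics": [ "CredentialAccess" ],
    "entityMappings": [
      {
        "entityType": "Account",
        "fieldMappings": [
          { "identifier": "Name", "columnName": "TargetUserName" }
        ]
      },
      {
        "entityType": "Host",
        "fieldMappings": [
          { "identifier": "HostName", "columnName": "Computer" }
        ]
      }
    ],
    "incidentConfiguration": {
      "createIncident": true,
      "groupingConfiguration": {
        "enabled": true,
        "reopenClosedIncident": false,
        "lookbackDuration": "PT5H",
        "matchingMethod": "AllEntities"
      }
    }
  }
}
```

Entities are attached by the analytics rule at alert creation time, which is why an incident typed in by hand to test an automation rule shows the "requires that your incident includes entities" message: there was no rule logic, so nothing mapped. To exercise the automation rule and playbook end to end, let an analytics rule with mappings like the above raise the incident instead, and keep the column names in `entityMappings` identical to the columns the query actually outputs, since a mismatch silently produces alerts without entities.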