Forum Discussion
Microsoft Graph API missing data
I'm using the Graph API to try to query the incidents in Sentinel, however not all of the data is populating properly. The data that is especially useful for the purpose of this API call is the f...
If you are happy to use an api you can use the Azure Sentinel api (preview), like I show here (I use a Workbook but you can use your preferred tool): https://techcommunity.microsoft.com/t5/azure-sentinel/using-the-sentinel-api-to-view-data-in-a-workbook/ba-p/1386436 and as Gary alludes to, things are planned for Incidents - more news soon
Direct link to latest version: https://github.com/CliveW-MSFT/KQLpublic/blob/master/KQL/Workbooks/api%20test%20v1.4.2.workbook which allows you to filter to see Comments, Bookmarks are in a seperate api.
Awesome, thanks for the information guys! I'll test this out this week and see how it performs.
Can't wait to hear the news.