Forum Discussion
Playbook (Logic App) - trigger - When Azure Sentinel incident creation rule was triggered
Hi i am attempting to use the trigger "When Azure Sentinel incident creation rule was triggered" that's in preview. but the playbook is not triggered even if i know that i have a new inciden...
Ofer_Shezaf
Microsoft
MicrosoftPrashTechTalk : I am not aware that the private preview does not work. That said, the feature will be supported as part of a larger motion to enhance Sentinel automation, called automatoin rules, which is entering private preview as we speak.
Hi everyone,
Do these logic apps/playbooks still need to be attached to every single analytics rule?
I'd like to create a 'global' playbook to add contextual information to every incident.
eg. apply MITRE SHIELD information to every incident's comment section.
I'm not eager to go to all 300 analytic rules and assign a playbook.
Do these logic apps/playbooks still need to be attached to every single analytics rule?
I'd like to create a 'global' playbook to add contextual information to every incident.
eg. apply MITRE SHIELD information to every incident's comment section.
I'm not eager to go to all 300 analytic rules and assign a playbook.