Forum Discussion
Pranesh1060
Nov 20, 2019, Brass Contributor
Playbooks not triggering - Extended
Hi Experts, I need your assistance in creating a playbook using Logic Apps for Azure Sentinel. In Sentinel, I have an analytical rule for Impossible travel activity which runs every 4 hours a...
GaryBushey
Nov 20, 2019, Bronze Contributor
Pranesh1060 Try using the GetAccounts action in the Azure Sentinel logic app connector. It will return all the Accounts for the Incident so, in your case, it should have the various users. Then do a loop through the values and create a ticket for each one.
- Pranesh1060, Nov 21, 2019, Brass Contributor
I am doing exactly that, but when the alert is triggered, instead of the event details the alert details are being published, which have no info about the event that has occurred and contain the exact query in the extended properties column. I am not sure where exactly it is going wrong.
Any help would be appreciated.
- GaryBushey, Nov 21, 2019, Bronze Contributor
Pranesh1060, can you list what it is you are wanting to see and what it is you are seeing? Maybe it is just a matter of exposing the correct fields in the query.