Forum Discussion
Playbooks not triggering automatically when an alert is generated
Hi All, I'm trying to send an email notification when an alert is triggered in Sentinel. I've created a playbook using the "When a response to an Azure Sentinel alert is triggered" trigger and at...
Hi Folks,
I was going through this with Microsoft and came to know that when an alert is triggered from any other source other than Azure Sentinel, the playbook will not get triggered automatically.
Consider this example : You have an alert in MCAS and is forwarded to Sentinel, you will be able to see the alert in Sentinel with source name as "MCAS", but it will not trigger the playbook automatically. However, if you have an analytical rule in Azure sentinel that queries and triggers the same alert as per the schedule only then the playbook will be triggered.
Automatic triggering of playbooks from different sources via Sentinel is currently in preview.
I have been trying to simulate the same in our environment as to no yield. You might try this as well and let everyone know if this works.
Please do correct me if I am wrong.
I'm having the exact same issue 5 months after this thread stopped,
Open case with MS and they admit the Sentinel trigger does not work consistently, kind of critical in my view for a SIEM,
