Forum Discussion
Retrieve "dismiss alert" logs in Sentinel
Hello everyone , I hope you all doing well, I'm trying to retrieve the dismiss alerts logs for MCAS in Azure Sentinel using Azure Log Analytics, however I don't have the raw data as usual which...
Sarah_Young I am looking to be able to write a playbook, which will close an MCAS alert in Sentinel and dismiss the corresponding alert in MCAS.
Sarah_Young
Microsoft
Microsoftsammyredo please look at this example in our Github repo:
https://github.com/Azure/Azure-Sentinel/tree/master/Playbooks/Resolve-McasInfrequentCountryAlerts
Sarah_Young Thank you. This should work