Forum Discussion
Sentinel watchlist updates
I want to be able to update a watch list using a CSV file stored in SharePoint. Whenever the file gets updated, an update gets pushed or pulled into Microsoft Sentinel. How can I go about doing this?
Hello Saeed Sheikh ,
You can build a Logic App for that.
Look here for playbooks related to watchlists Azure-Sentinel/Playbooks at master · Azure/Azure-Sentinel (github.com)
And here you have an example of integration with SharePoint: Using Azure Logic App to pull files from Microsoft SharePoint | by Caio Moreno | Medium
2 Replies
Hello Saeed Sheikh ,
You can build a Logic App for that.
Look here for playbooks related to watchlists Azure-Sentinel/Playbooks at master · Azure/Azure-Sentinel (github.com)
And here you have an example of integration with SharePoint: Using Azure Logic App to pull files from Microsoft SharePoint | by Caio Moreno | Medium
Thank you mikhailf for your response. I will look further into the links you shared.
