Forum Discussion
DGMalcolm
Nov 12, 2021 - Iron Contributor
Simplest way to get email notifications for Analytics Rules
Taking over for a recent employee departure and totally new to the Azure Sentinel space. A couple years of Azure experience so I can get around. I see that the previous admin enabled a bunch of a...
- Nov 14, 2021: The easiest way would be to create a small playbook that generates and sends an email on incident/alert generation. There is an example here - https://github.com/Azure/Azure-Sentinel/tree/master/Playbooks/Send-email-with-formatted-incident-report (I haven't used it personally but there are a heap of examples around).
Then in your analytics rule create an automation rule that triggers the playbook on alert generation.
Ciyaresh
Jan 29, 2024 - Brass Contributor
m_zorich Do you have this playbook by any chance? I had an edited version of this one myself where I added another row to show entities, but I deleted the whole playbook by mistake when I deleted the resource group. Now I can't find the original version of this playbook anymore.
DGMalcolm
Jan 31, 2024 - Iron Contributor
You should be able to find that playbook in "Sentinel SOAR Essentials" in the Content Hub.