03-05-2019 08:53 AM
I see documentation for how to create KQL queries within the Azure Sentinel panel. Is there a way to query via an API, by using a cURL request, for example?
03-11-2019 05:27 PM
Are there any plans to add externally-exposed APIs - for example, being able to query Sentinel for alerts, change alert statuses, etc?
I looked through the GitHub repo and didn't see anything really referencing that (primarily related to Notebooks and Hunting Queries).
Is there perhaps any documentation around any externally-exposed APIs like that that you can pass along?
03-11-2019 05:38 PM
@Marticus2425 Azure Sentinel alerts are available for query via Graph Security API. Here's the link to that documentation.
03-12-2019 01:02 PM
Azure Sentinel API is coming soon so you can query cases, manage them and update rules as well.
11-13-2019 05:43 AM