Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community

Sentinel incidents to event hub

Copper Contributor

I know when the alert rule triggers you can call a logic app but that is only a single trigger point.  Is there a plan to be able to sent the events to an event hub that might be able to have multiple system listening to it?

2 Replies
Yes, Logic Apps has an action to send information to an Event Hub so you can forward any information you gather from the Sentinel event and pass it to an Event Hub or Event Grid

Thanks @Gary Bushey; I have used that in the past with other deployments, was just hoping for an internal mechanism that wouldn't require additional costs of the logic app along with another piece to monitor for failure and recovery.