Forum Discussion
API for Sentinel Alerts and Cases
Where can I find docs to query new alerts and cases and interact with then in Azure Sentinel.
Are there any plans to add externally-exposed APIs - for example, being able to query Sentinel for alerts, change alert statuses, etc?
I looked through the GitHub repo and didn't see anything really referencing that (primarily related to Notebooks and Hunting Queries).
Is there perhaps any documentation around any externally-exposed APIs like that that you can pass along?
Thanks!
Marticus2425 Azure Sentinel alerts are available for query via Graph Security API. Here's the link to that documentation.
https://docs.microsoft.com/en-us/graph/api/resources/security-api-overview?view=graph-rest-beta