Azure Sentinel API Documentation

Hi Team,

 

We have a requirement to integrate Azure Sentinel with IBM QRadar/IBM Resilient for centralized incident management, i.e. we will send all the incidents generated in Azure Sentinel to IBM QRadar/IBM Resilient.

 

Do we have Azure Sentinel APIs and documentation available? Please confirm. Tx

6 Replies
Hello!

You can probably check out the QRadar documentation, but other than this way I don't know, and if you find a way please let me know!
https://www.ibm.com/support/knowledgecenter/SS42VS_DSM/com.ibm.dsm.doc/t_dsm_guide_microsoft_azure_e...


Thanks!

@ericjk4 I would agree.  If there is an API you can call from Sentinel you can use a Logic App to send the data to that API to generate the incident.

Have you explored the option of using the Graph API?

@Ofer_Shezaf Do you have the link to this blog post?!