
Azure Sentinel API Documentation

Pavan_Gelli
New Contributor

Hi Team,

We have a requirement to integrate Azure Sentinel with IBM QRadar/IBM Resilient for centralized incident management, i.e. we will send all the incidents generated in Azure Sentinel to IBM QRadar/IBM Resilient.

Do we have Azure Sentinel APIs and documentation available? Please confirm. Tx

2 Replies
Hello!

You should probably check out the QRadar documentation, but other than this way I don't know, and if you find a way please let me know!
https://www.ibm.com/support/knowledgecenter/SS42VS_DSM/com.ibm.dsm.doc/t_dsm_guide_microsoft_azure_e...


Thanks!

@ericjk4 I would agree. If there is an API you can call from Sentinel, you can use a Logic App to send the data to that API to generate the incident.
