Forum Discussion
MDCA Connector in Sentinel does not produce incidents
Hello folks,
I have enabled the MDCA connector in Sentinel and while it has generated enough metrics (refer screenshot), I am not seeing any incidents in Sentinel from this connector whereas I have adequate amount of recent alerts in MDCA. Also, one unusual thing is that when I reconfigured the SIEM agent in MDCA, the option to add says 'Azure Sentinel' and not 'Microsoft Sentinel' (screenshot attached).
Please share your insights on this.
2 Replies
Have you made sure the incident creation is enabled for the connector?
You can check this if you click the "Open connector page" button shown in your screenshot.
Jonhed yes I have enabled the relevant analytic rules for this connector as well.
