Microsoft Secure Tech Accelerator
Apr 13 2023, 07:00 AM - 12:00 PM (PDT)
Microsoft Tech Community

MDCA Connector in Sentinel does not produce incidents


Hello folks,


I have enabled the MDCA connector in Sentinel and while it has generated enough metrics (refer screenshot), I am not seeing any incidents in Sentinel from this connector whereas I have adequate amount of recent alerts in MDCA. Also, one unusual thing is that when I reconfigured the SIEM agent in MDCA, the option to add says 'Azure Sentinel' and not 'Microsoft Sentinel' (screenshot attached).

Please share your insights on this.




2 Replies


Have you made sure the incident creation is enabled for the connector?

You can check this if you click the "Open connector page" button shown in your screenshot.



@Jonhed yes I have enabled the relevant analytic rules for this connector as well.