Forum Discussion
API for Sentinel Alerts and Cases
Where can I find docs to query new alerts and cases and interact with then in Azure Sentinel.
kobiga Is there any update yet? I can't find the Incidents API.
SanderWannet the Azure Sentinel API is in preview and examples can be found here: https://github.com/Azure/azure-rest-api-specs/tree/master/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2019-01-01-preview/examples
To query for incidents you can make a get request to:
https://management.azure.com/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/microsoft.operationalinsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/?api-version=2019-01-01-preview