cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

API for Sentinel Alerts and Cases

punkrokk
Copper Contributor

‎Mar 01 2019 09:34 AM

‎Mar 01 2019 09:34 AM

API for Sentinel Alerts and Cases

Where can I find docs to query new alerts and cases and interact with then in Azure Sentinel.

10.2K Views
0 Likes
22 Replies
Reply
22 Replies
Gary Bushey

‎Jul 09 2021 05:00 PM

‎Jul 09 2021 05:00 PM

Re: API for Sentinel Alerts and Cases

@dinvlad I don't see anything about creating alerts, only incidents.  Is there a reason you would rather create an alert?

0 Likes
Reply
dinvlad

‎Jul 10 2021 02:04 PM

‎Jul 10 2021 02:04 PM

Re: API for Sentinel Alerts and Cases

@Gary Bushey tbh I'm just looking for a way to "import" alerts, recommendations, findings, security score and compliance reports from Event Hub into either Security Center or Sentinel (I don't really care which one). So far there appears to be no way to do it from what I can tell, other than maybe through Sentinel incidents like you noted. Any other ideas here? Thanks

0 Likes
Reply
Gary Bushey

‎Jul 12 2021 03:27 AM

‎Jul 12 2021 03:27 AM

Re: API for Sentinel Alerts and Cases

@dinvlad The only thing that comes to mind is to create a Logic App that reads the Event Hub and uses the Azure Monitor action to write an entry to a custom log in Azure Sentinel.

1 Like
Reply