Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community

API Power BI Report

Copper Contributor

Hallo community,

 

i have to build a Power BI Report. I need all incidents and their alerts from Sentinel.

Which API can get me the data for all incidents and alerts?

I am confused because there are Sentinel Managment API, HTTP Data Connector, Log Analytics and Graph Security API.

3 Replies

@CanerHan Your best bet is to create the needed query in MS Sentinel's Logs area  and then use the Export command in the header to export to PowerBI.  It will create a text file that will tell you how to get the data into PowerBI.

GaryBushey_0-1645528901770.png

 

This thread may help if you need a Incident and Alerts type query (as an example you can tweak): https://techcommunity.microsoft.com/t5/microsoft-sentinel/how-to-get-the-real-count-of-incidents-in-...