Mar 01 2021 08:31 PM - edited Mar 01 2021 08:32 PM
Hello, we have trigger the rule "Automatically create incidents from Microsoft security alerts" and generate incidents successfully. However, we have no idea how to connect these kind of incidents (from security center) with notification email playbook of other sentinel rules. We know there is a notification setting in Security center. Is it possible to set the auto playbook for the incidents from Microsoft security alerts?
Mar 02 2021 05:07 AM
@cklonger As of right now, you cannot do it. There is a private preview that, hopefully, will become a public preview soon that will allow this to occur.
Mar 02 2021 12:06 PM
Apr 01 2021 02:35 AM