Jun 14 2021 07:33 AM
What is the best approach to take to pull alerts/incidents from non-scheduled rule queries, such as Azure AD Identity Protection) into the MSSP Tenant?
Should it be done by using cross-workspace queries to create a custom query that pulls in events from the SecurityAlert table with the rule frequency being near real-time to mimic the events coming in from particular connectors? Or is there an easier, built-in method?
Jun 15 2021 06:35 AM
Jun 15 2021 06:41 AM
Jun 15 2021 06:44 AM
Jun 15 2021 06:47 AM
Jun 15 2021 06:51 AM