Microsoft Tech Community

Connectors and incidents


Hello guys,
If we use built-in connectors for Azure Sentinel, would the alerts and incidents get generated automatically, or do we need to create manual rules for generating them in KQL?

1 Reply
There are quite a lot of templates ready to use with the built-in connectors: https://docs.microsoft.com/en-us/azure/sentinel/tutorial-detect-threats-built-in
They need to be turned on manually though :)