Connectors and incidents

Copper Contributor

Hello guys,
If we use built-in connectors for Azure Sentinel, would the alerts and incidents get generated automatically, or do we need to create manual rules for generating them in KQL?

1 Reply
There are quite a lot of templates ready to use with the built-in connectors: https://docs.microsoft.com/en-us/azure/sentinel/tutorial-detect-threats-built-in They need to be turned on manually though 🙂