Oct 21 2021 01:42 AM
Hello!
Hoping someone can help... I'm looking to create an email notification based on if the number of open incidents is greater than X value. Has anyone achieved this or can provide pointers, or guidance in setting up a playbook or similar to achieve this?
Thanks 🙂
Oct 21 2021 05:09 AM
For looking at Incidents this may help Re: How to show amount of query results as entity on incident created in Azure Sentinel - Microsoft ... you then you can use one of the two templates for an example Playbook to send the email