How to export Incident list from Azure Sentinel?

Brass Contributor

Hi Team,


We have a requirement to export all incidents generated in Azure Sentinel and update customer with the incident which were false positives, true positives, etc.


How can we achieve this? I didn't find any option to export incidents in the console.


Please help.



Mitesh Agrawal

3 Replies

@MiteshAgrawal You are correct that you cannot do this via the console.  You can however make some PowerShell calls to get this information.


I have a blog post that tells you how to do this:


I also have on that shows you how to export the same data into PowerBI to make some nice charts and graphs:

Hi @Gary Bushey ,


The links aren't accessible. Please help.


Mitesh Agrawal

@MiteshAgrawal  Looks like my server is down.  I'll see about getting it back up.  Thanks for letting me know