uditk14
Jun 10, 2020 (Copper Contributor)
How to use 'When Azure Sentinel incident creation rule was triggered' trigger in playbook
Hi team, I have been wondering: can this trigger, 'When Azure Sentinel incident creation rule was triggered', be used? I am unable to select the playbook having this trigger in any alert rule creat...
Xavier2020
Jun 10, 2020 (Copper Contributor)
Hi,
I have the same problem. I have been trying to set up incident e-mail notifications for many days but have never achieved the desired result.
If you set up the alert starting with "When a response to an Azure Sentinel alert is triggered", the dynamic options they give you are so poor. You cannot add the incident URL (which I think is so basic!), and also if you want to see IPs and users you have to parse them with JSON format and take those values from there. But the result is not the desired one, because Azure Sentinel treats the IPs and users as individual entities, so it is impossible to take them with some logic (for example, something so basic: IP 10.10.10.10 with USER Federico). Moreover, if you do something like this you will receive as many e-mails as there are entities in the alert!
On the other hand, if you put this in a dynamic HTML table, then the table also won't make much sense, because the entities will appear with no relation too.
The next step I have tried is the alert type "When Azure Sentinel incident creation rule was triggered". Here it seems they provide you with more dynamic options (URL of the incident, IPs, users...); it seems this option has all that I need (and probably what most users need), but this alert does not work fine! If you go to an incident and try to execute this playbook, it is as simple as this: the playbook does not appear!
Microsoft please, do something about all this; it makes no sense at all. A lot of clients are "playing" with and using Azure Sentinel because it is supposed to be a nice product. But not for now.
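The two problems Xavier2020 describes with the alert trigger (entities arrive as an unrelated flat list, and looping over them sends one e-mail per entity) can be handled by a single parsing step that runs once per alert. The example below is added here and is not code from the thread or from Microsoft; it assumes the alert hands the playbook an "Entities" JSON array in which each item has a "Type" and type-specific fields ("Address" for ip, "Name"/"UPNSuffix" for account, "HostName" for host), the sample entity values are constructed, and the incident URL is an assumed input passed in by the caller rather than something the alert trigger provides:

```python
import json
from html import escape

# Constructed sample of the "Entities" array that the Azure Sentinel alert
# trigger passes to a Logic App. Assumption: each entity carries a "Type" plus
# type-specific fields ("Address" for ip, "Name"/"UPNSuffix" for account,
# "HostName" for host). The values below are made up for this example.
SAMPLE_ENTITIES_JSON = """[
  {"$id": "2", "Type": "account", "Name": "federico", "UPNSuffix": "contoso.example"},
  {"$id": "3", "Type": "ip", "Address": "10.10.10.10"},
  {"$id": "4", "Type": "host", "HostName": "ws-0042", "OSFamily": "Windows"},
  {"$id": "5", "Type": "ip", "Address": "192.0.2.77"}
]"""


def parse_entities(raw_json):
    """Group the flat entity list by type into plain string values."""
    grouped = {"accounts": [], "ips": [], "hosts": []}
    for entity in json.loads(raw_json):
        kind = entity.get("Type", "").lower()
        if kind == "account":
            name = entity.get("Name", "")
            suffix = entity.get("UPNSuffix")
            grouped["accounts"].append(f"{name}@{suffix}" if suffix else name)
        elif kind == "ip":
            grouped["ips"].append(entity.get("Address", ""))
        elif kind == "host":
            grouped["hosts"].append(entity.get("HostName", ""))
    return grouped


def correlate(grouped):
    """Pair every IP with every account named in the same alert.

    The alert payload does not state which account used which IP, so these
    pairs are "seen in the same alert" associations, not proven sessions;
    the rendered summary says so explicitly so an analyst does not over-read it.
    """
    return [(ip, acct) for ip in grouped["ips"] for acct in grouped["accounts"]]


def build_notification(raw_json, incident_url=None):
    """Render ONE summary for the whole alert instead of one message per entity."""
    grouped = parse_entities(raw_json)
    pairs = correlate(grouped)
    rows = "".join(
        f"<tr><td>{escape(ip)}</td><td>{escape(acct)}</td></tr>" for ip, acct in pairs
    )
    # Entity values come from attacker-influenced data; escape before embedding in HTML.
    html = "<p>Entities seen together in this alert (co-occurrence, not a proven session):</p>"
    html += f"<table><tr><th>IP</th><th>Account</th></tr>{rows}</table>"
    if incident_url:
        html += f'<p><a href="{escape(incident_url, quote=True)}">Open incident</a></p>'
    # message_count is fixed at 1: the whole alert produces a single notification.
    return {"grouped": grouped, "pairs": pairs, "html": html, "message_count": 1}


if __name__ == "__main__":
    result = build_notification(
        SAMPLE_ENTITIES_JSON, "https://portal.example/incident/PLACEHOLDER"
    )
    print(result["html"])
```

In a Logic App the same idea maps to a single Parse JSON action followed by one Compose or Create HTML table action over the whole array and a single Send e-mail action, rather than a For each loop that contains the mail step; the cross-product pairing is a deliberate choice that should be labelled as co-occurrence in the message, since the alert does not carry a link between a particular IP and a particular account.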