Incident statistics querying (for a powerbi dashboard)

mclaes · ‎Feb 14 2020

hey all,

I'm creating a PowerBI dash to report on some SOC statistics for the wider IT org to look at. Getting an alert view in is easy using a KQL query in PowerBI format.

But I don't see how I can get to Incident statistics. Looking to show Nr of incidents per status / priority .. etc. Is there a way to do this?

thanks!

mclaes · ‎Feb 14 2020

@mclaes Take a look at my blog post to see if that answers your questions. https://www.garybushey.com/2020/01/20/azure-sentinel-incidents-in-powerbi/

mclaes · ‎Feb 19 2020

Hey Gary,

Thanks alot for your howto guide! Managed to create a similar dashboard in under 30' :)

I did however needed to change the "& " in your Power Query code snippet back to a "&" to get the query to work.

Gary Bushey · ‎Feb 19 2020

@mclaes Thanks for that tip. Perils of cut and paste :)

Incident statistics querying (for a powerbi dashboard)

Incident statistics querying (for a powerbi dashboard)

Re: Incident statistics querying (for a powerbi dashboard)

Re: Incident statistics querying (for a powerbi dashboard)

Re: Incident statistics querying (for a powerbi dashboard)

Products (64)

Special Topics (44)

Video Hub (976)

Most Active Hubs

Most Active Hubs

Video Hub

Incident statistics querying (for a powerbi dashboard)

Incident statistics querying (for a powerbi dashboard)

Re: Incident statistics querying (for a powerbi dashboard)

Re: Incident statistics querying (for a powerbi dashboard)

Re: Incident statistics querying (for a powerbi dashboard)