Forum Discussion
Is there a way to aggregate multiple alerts into one incident in Sentinel
Within Sentinel we see alerts from various different portals such as Defender Security Center. In the Defender Security Center we have one overview for alerts and one for incidents. One Defender inci...
Sarah_Young
Microsoft
MicrosoftCurlX have you looked at the Analytic Wizard recently? We now have the ability to group alerts into one incident in public preview:
is there a way to aggregate multiple custom alerts into one incident in Sentinel, i mean 2 different alerts generating one incident
- That is not possible right now. Not sure if there are any plans to do this in the future
