Trigger a Playbook on Sentinel Alert

Copper Contributor

Hello,

I need to trigger a playbook to notify some contacts via email once a Sentinel alert has a match.

What I've tried so far:

- I've created an alert rule that shows a few matches in Analytics tab and corresponding cases were opened automatically.

- I've also used Logic App designer to create a playbook with "When a response to an Azure Sentinel alert is triggered" as a trigger and "Send email" as an action, no email was ever received, actually the playbook was never triggered.

 

So how can I get Sentinel to notify via email once an alert is raised.

Thanks.

4 Replies

Also, is there an ETA for this response automation (triggered playbooks) shown in the screenshot?

 


coming soon.PNG

Thanks.

@bornagainshell this should be available in preview in the next couple weeks. @Koby Koren 

@Shalini Pasupneti Has this preview been released yet?

@bornagainshell did you manage to get this working? I'm still unable to get playbooks to run automatically when a sentinel alert is generated.

 

Thanks