Feb 25 2021 06:02 PM
Hi All ,
I have created a playbook in Azure Sentinel to trigger a ticket in Service Now for high severity incident in sentinel. Although I have deployed the playbook successfully but when I run trigger it always fail on the Alert - Get incident step with 404 resource not found. Are there any special permissions needed ?
What am i missing? Any info from someone that already deploy it ?
Here is the output at Alert-get incident connector :
Can someone help me to fix this issue ?
Mar 10 2021 01:59 PM
Mar 11 2021 10:20 AM
Mar 13 2021 07:50 PM
Mar 18 2021 02:28 AM
Mar 18 2021 09:56 PM
Mar 18 2021 09:56 PM
Mar 18 2021 10:02 PM
Mar 21 2021 02:11 AM
There is a build in delay action, look for it in the search bar in the actions selector.
But again, I highly recommend you to check your playbook and make it run as you expected so you will be able to run in as a result for Incidnet automation (which is currently in gradual released and will be fully released in a week or two)
~Yaron 🙂