laraib-khan
Brass Contributor
Joined Dec 12, 2022
10 Posts, 4 Likes received, 1 Solution

Recent Discussions

Re: Automation Rules Not Triggering
Can you please post the Automation rule screenshot where you defined these conditions?

Re: How to generate Sentinel incidents to test playbooks?
You can use my tool to generate sample CEF logs in a Linux machine but you'll need it connected to Sentinel. https://github.com/mlaraibkhan/CEF-LogGenerator

Re: Automation Rule and Playbooks
Automation Rule: Set conditions to send Sentinel Incidents to an automation workflow or playbook.
Playbook: Execute course of action (requires API integrations with connectors). They are more complex and require deep knowledge.

Re: Kusto Explorer - So Many Tables!
There's no automated way to connect KQL or any kind of Sentinel content back to GitHub. The best practice would be to manually copy KQL and paste them using GitHub Desktop + Sublime Text or VS Code. Otherwise, all efforts will be lost.

How to Manage Permissions in Sentinel Workspace to Edit Given Workbooks
Hi There! Is there a way to manage workspace permissions which gives rights to edit only a given number of workbooks in Microsoft Sentinel?