Forum Discussion
Solved
How to Investigate incidents following best practice - Sentinel Automation
I have successfully created a playbook that is supposed to automate investigation in MDE, It will then add a comment to the incident and post a message via email to me. I then created an automa...
You need to set at least one entity mapping in the Rule Logic, to make the Investigate button active
You need to set at least one entity mapping in the Rule Logic, to make the Investigate button active