Microsoft Sentinel automation rules to manage response | Logic Apps | Automation Rules | Playbooks
4.3 هزار بار بازدید -
2 سال پیش
-
Do you want this automation
Do you want this automation to be activated when new incidents (or alerts, in preview) are created? Or any time an incident gets updated?
Automation rules are triggered when an incident is created or updated (the update trigger is now in Preview) or when an alert is created (also in Preview). Recall that incidents include alerts, and that both alerts and incidents are created by analytics rules, of which there are several types, as explained in Detect threats with built-in analytics rules in Microsoft Sentinel.
https://learn.microsoft.com/en-us/azu...
https://learn.microsoft.com/en-us/azu...
https://azurecloudai.blog/2022/09/22/...
Automation rules are triggered when an incident is created or updated (the update trigger is now in Preview) or when an alert is created (also in Preview). Recall that incidents include alerts, and that both alerts and incidents are created by analytics rules, of which there are several types, as explained in Detect threats with built-in analytics rules in Microsoft Sentinel.
https://learn.microsoft.com/en-us/azu...
https://learn.microsoft.com/en-us/azu...
https://azurecloudai.blog/2022/09/22/...
2 سال پیش
در تاریخ 1401/08/23 منتشر شده
است.
4,387
بـار بازدید شده