
Add "Create Alert" to LogicApp Integration

Open ETMRidge opened this issue 2 years ago • 6 comments

Is your feature request related to a problem? Please describe.
N/A

Describe the solution you'd like
An addition to the Azure Sentinel Logic App Integration options to include "Create Alert". This would be useful to add, as if a logic app was triggered and detected an artefact through an open source Threat Intelligence platform (AbuseIPDB, GreyNoise, VirusTotal), it would display in the timeline of the incident investigation.

Describe alternatives you've considered
Using the "add comment" integration. However, this does not display the information as I would like it to.

Additional context

ETMRidge avatar Sep 28 '22 15:09 ETMRidge

Thank you for submitting an Issue to the Azure Sentinel GitHub repo! You should expect an initial response to your Issue from the team within 5 business days. Note that this response may be delayed during holiday periods. For urgent, production-affecting issues please raise a support ticket via the Azure Portal.

github-actions[bot] avatar Sep 28 '22 15:09 github-actions[bot]

Hi @ETMRidge - thank you for the feedback and the idea for an additional action in the Microsoft Sentinel Logic App connector. Tagging @lior-tamir for visibility. Is there a reason not to add this as a bookmark once detected?

BenjiSec avatar Oct 14 '22 13:10 BenjiSec

Hi @ETMRidge, Closing this issue and there is no update. Feel free to reopen if you need assistance on this issue.

v-amolpatil avatar Feb 14 '23 05:02 v-amolpatil
