How to ingest Advanced Hunting events into Azure Event Hub and recreate incidents

Patrik Jakus 1 Reputation point
2022-12-07T10:42:40.193+00:00

We want to use the REST API to list incidents through Azure Event Hub where we could streamline advanced hunting events into it (if it's possible).

What we now need to know is whether this API supports incidents (for MDI/MDO) or raw data. And if it’s the latter and the raw data is of an alert, can we then recreate an incident using only that data?

Any help would be highly appreciated.

Thanks


1 answer

  1. PRADEEPCHEEKATLA-MSFT 76,746 Reputation points Microsoft Employee
    2022-12-12T08:12:23.407+00:00

    Hello @Patrik Jakus ,

    Thanks for the question and using MS Q&A platform.

    You may check out the Raw Data Streaming API which helps ingest Advanced Hunting events into Azure Event Hub.

    Hope this helps.