Automated Response for Microsoft Security Rules | Azure Sentinel

Prasenna Kannan 436 Reputation points
2020-12-01T07:02:56.64+00:00

Hello,

I have created a playbook to orchestrate automated response which will trigger an email with the alert details.

I'm able to associate the playbook with scheduled rule analytic rule, however I'm unable to associated with Microsoft Security analytic rule.

Based on the initial investigation, I'm informed that automated response for Microsoft Security rule is currently unavailable. Only for scheduled rule it is available.

Reference link below :

https://techcommunity.microsoft.com/t5/azure-sentinel/create-playbook-from-microsoft-security-rule-type/m-p/1387633

Can someone confirm?

Thanks,

Microsoft Sentinel
Microsoft Sentinel
A scalable, cloud-native solution for security information event management and security orchestration automated response. Previously known as Azure Sentinel.
1,138 questions
{count} votes

1 answer

Sort by: Most helpful
  1. John Nephin 1 Reputation point
    2021-01-04T16:08:08.933+00:00

    Any update to this? I also need this feature.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.