Microsoft Defender ATP Trigger doesn't work
Microsoft Defender ATP trigger does not work.
I am using Microsoft Defender ATP triggers for the Consumption plan Logic Apps.
We confirmed from the Defender Portal (security.microsoft.com) that the MDE alert was issued and checked the execution and trigger history of Logic Apps, but it was neither executed nor triggered.
What are the prerequisites, if any, for triggering?
When creating the connector for the Microsoft Defender ATP trigger, we used the Logic Apps system-assigned Managed ID and granted the following permissions to the Managed ID
"WindowsDefenderATP/Alert.Read.All/Read all alerts"
I created a connector with the OAuth option as a test, but the result was the same. In this case, the authenticated user was given the Entra Security Administrator role.
Translated with DeepL.com (free version)