Hey EnterpriseArchitect,
You can create a KQL Query Alert through your Azure Log Analytics where you filter for the event, and trigger it with an e-mail when the risky event is triggered.
You can also leverage the SendGrid free tier to send e-mail.
List of KQL you can configure for Solorigate
https://techcommunity.microsoft.com/t5/azure-sentinel/solarwinds-post-compromise-hunting-with-azure-sentinel/ba-p/1995095
SendGrid for Azure
https://sendgrid.com/docs/for-developers/partners/microsoft-azure/
Trigger alerts for Log Analytics log entries
https://learn.microsoft.com/en-us/azure/azure-monitor/alerts/tutorial-response
Update:
List of KQL to monitor for in relation to Solorigate (https://github.com/FalconForceTeam/FalconFriday/blob/master/Uncategorized/FireEye_red_team_tool_countermeasures.md)
Hope this helps,
all the best,
Ulv