API versions of Microsoft Sentinel REST APIs

This article lists the current and past versions of the Microsoft Sentinel REST APIs.

Note

Starting from the 2021-09-01-preview release, every Preview version contains all Preview operation groups. Starting from the 2021-10-01 release, every Stable version contains all Stable operation groups. If an operation group hasn’t changed since last version, it will carry over as-is to the new version.

Preview versions

Use the latest preview version when you want to take advantage of all the latest Public Preview features. Note that preview versions are also released to test new functionality, gather feedback, and discover and fix issues. Preview APIs are available under the Supplemental Terms of Use for Microsoft Azure Previews.

API version Specification API updates
2023-12-01-preview Swagger specification Release note
2023-10-01-preview Swagger specification Release note
2023-09-01-preview Swagger specification
2023-08-01-preview Swagger specification Release note
2023-07-01-preview Swagger specification Release note
2023-06-01-preview Swagger specification Release note
2023-05-01-preview Swagger specification Release note
2023-04-01-preview Swagger specification Release note
2023-03-01-preview Swagger specification Release note
2023-02-01-preview Swagger specification Release note
2022-12-01-preview Swagger specification Release note
2022-11-01-preview Swagger specification Release note
2022-10-01-preview Swagger specification Release note
2022-09-01-preview Swagger specification Release note
2022-08-01-preview Swagger specification Release note
2022-07-01-preview Swagger specification
2022-06-01-preview Swagger specification
2022-05-01-preview Swagger specification
2022-04-01-preview Swagger specification
2022-01-01-preview Swagger specification
2021-10-01-preview Swagger specification Release note
2021-09-01-preview Swagger specification Release note
2021-03-01-preview Swagger specification
2019-01-01-preview Swagger specification

Stable versions

Use the latest stable version when you want to access the latest generally available (GA) features.

API version Specification API updates
2023-11-01 Swagger specification Release note
2023-02-01 Swagger specification Release note
2022-11-01 Swagger specification
2022-08-01 Swagger specification Release note
2021-10-01 Swagger specification Release note
2021-04-01 Swagger specification Release note
2020-01-01 Swagger specification Release note

Release notes

2023-12-01-preview

This is the current Preview release of the Microsoft Sentinel REST APIs. It includes all the previously released Preview & GA features.

2023-11-01

This is the current generally available (GA) release of the Microsoft Sentinel REST APIs.

2023-10-01-preview

This release includes all the previously released Preview features and in addition, the following:

  • Data Connectors
    • DataConnectorDefinitions - Added exception for the word "Criterias" in the file cSpell.json.
  • Content hub
    • Added additional supported OData parameters.

2023-08-01-preview

This release includes all the previously released Preview features, plus the following additions:

  • Workspace Manager
    • Corrective change on WorkspaceManagerMember parameter name.

2023-07-01-preview

This release includes all the previously released Preview features, plus the following additions:

  • Data Connectors
    • New API endpoint added to manage Data Connector Definitions.

2023-06-01-preview

This release includes all the previously released Preview features, plus the following additions:

  • Source Controls
    • Added ability to manage Source Control connections via API by adding repository access parameters.

2023-05-01-preview

This release includes all the previously released Preview features, plus the following additions:

  • Billing Statistics

    • Provides billing statistics, such as current usage of the Microsoft Sentinel solution for SAP applications.
  • Data Connectors

2023-04-01-preview

This release includes all the previously released Preview features, plus the following additions:

  • Workspace Manager

    • The Microsoft Sentinel Workspace Manager enables customers and partners to manage multiple Microsoft Sentinel workspaces from a central point. Endpoints included:
      • WorkspaceManagerConfigurations
      • WorkspaceManagerMembers
      • WorkspaceManagerGroups
      • WorkspaceManagerAssignments
  • Hunts

    • Added Hunts endpoint

2023-03-01-preview

This release includes all the previously released Preview features, plus the following additions:

  • Playbooks
    • Entity Trigger
    • New endpoint to allow manual trigger of a playbook on an entity.

2023-02-01

Generally available features in this release include:

2023-02-01-preview

This release includes all the previously released Preview features, plus the following additions:

  • Data Connectors
  • Alert Rules (also known as analytics rules)
    • New endpoints added
      • triggeredAnalyticsRuleRuns – Get/GetAll
      • alertRules/{ruleId}/triggerRuleRun

2022-12-01-preview

This release includes all the previously released Preview features, plus the following additions:

  • Incidents
    • Add incident tasks as a nested resource for incidents

2022-11-01-preview

This release includes all the previously released Preview features, plus the following additions:

  • Recommendations
    • Recommendations API version added

2022-10-01-preview

This release includes all the previously released Preview features, plus the following additions:

2022-09-01-preview

This release includes all the previously released Preview features, plus the following additions:

2022-08-01

Generally available features in this release include:

  • Alert Rules (also known as analytics rules)
    • MITRE support

2022-08-01-preview

This version includes all the previously released Preview features, plus the following additions:

  • File imports
    • New operation group. Allows bulk addition of indicators to Threat Intelligence. Learn more

2021-10-01

This version includes all the previously released generally available (GA) features, plus the following additions:

2021-10-01-preview

This version includes all the previously released Preview features, plus the following additions:

2021-09-01-preview

This version includes all the previously released Preview features, plus the following additions:

2021-04-01

Generally available features in this release include:

  • Incidents
  • Threat Intelligence
  • Watchlists
  • Incidents

2020-01-01

Generally available features in this release include:

  • Alert rules
  • Alert rules templates
  • Bookmarks
  • Data connectors
  • Incidents

See also