How can we improve Microsoft Azure Sentinel?

Manually create an incident

Sometimes we need to trigger an incident manually, to then "pull" events into it - not all incidents are automatically created by an alert.

It would be great to have the ability to manually create an incident and "add" / "remove" notable events by hand / by query (as well as events from other non-Azure data sources)

3 votes
Sign in
(thinking…)
Sign in with: Microsoft
Signed in as (Sign out)

We’ll send you updates on this idea

Anonymous shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

0 comments

Sign in
(thinking…)
Sign in with: Microsoft
Signed in as (Sign out)
Submitting...
An error occurred while saving the comment

Feedback and Knowledge Base