How can we improve Microsoft Azure Sentinel?

Manually create an incident

Sometimes we need to trigger an incident manually, to then "pull" events into it - not all incidents are automatically created by an alert.

It would be great to have the ability to manually create an incident and "add" / "remove" notable events by hand / by query (as well as events from other non-Azure data sources)

1 vote
Sign in
(thinking…)
Password icon
Signed in as (Sign out)

We’ll send you updates on this idea

Anonymous shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

0 comments

Sign in
(thinking…)
Password icon
Signed in as (Sign out)
Submitting...

Feedback and Knowledge Base