|
…
|
||
|---|---|---|
| .. | ||
| Readme.md | ||
| azuredeploy.json | ||
Readme.md
Please use the below button to deploy
Deployment
Once deployed you can configure the connections as below
Configuration
- Sentinel Connection
- Office 365 Connection
Post configuration
Once configured, the logic app will look like this.
Test
Step 1: Send an email to the configure email
Step 2: Incident created in Sentinel
Use cases
SOC - In a organization there might be Security Incident / Suspicious activity occurring to the resources where Security is not tightened up yet. So an email address can be whistle blower here. A suspicious activity can be reported over a dedicated email address to create an incident and address the incident.
Thank you for using the tool.