Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
This playbook will be sending Slack with basic incidents details (Incident title, severity, tactics, link,…) when incident is created in Microsoft Sentinel. The playbook includes functionality to:
Close Incident As False Positive
Close Incident As Benign Positve
Change Incident Status To Active
Add entities to allow list
| Attribute | Value |
|---|---|
| Type | Playbook |
| Solution | Standalone Content |
| Source | View on GitHub |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊