Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
This Security Orchestration, Automation, & Response (SOAR) capability is designed for configuration with the solution's analytics rules. When analytics rules trigger this automation notifies the log management team of respective details via Teams chat and exchange email. this automation reduces requirements to manually monitor the workbook or analytics rules while increasing response times.
| Attribute | Value |
|---|---|
| Type | Playbook |
| Solution | MaturityModelForEventLogManagementM2131 |
| Source | View on GitHub |
This playbook uses 3 Logic App connectors / built-in actions:
| Connector / Action | Type | Connections | Actions |
|---|---|---|---|
azuresentinel |
Managed | 1 | 0 |
office365 |
Managed | 1 | 1 |
teams |
Managed | 1 | 1 |
office365 (Managed)| Action | Method | Endpoint | Other |
|---|---|---|---|
| Send_an_email_(V2)_2 | post | /v2/Mail |
— |
teams (Managed)| Action | Method | Endpoint | Other |
|---|---|---|---|
| Post_message_in_a_chat_or_channel | post | /beta/teams/conversation/message/poster/Flow bot/location/@{encodeURIComponent('Channel')} |
— |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
↑ Back to Playbooks · Back to MaturityModelForEventLogManagementM2131