NetskopeWebTxErrorEmail

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊

Back to Content Index

This playbook sends email when Netskope Web Transaction data connector error is detected.

Attribute Value
Type Playbook
Solution Netskopev2
Source View on GitHub

Logic App Connectors

This playbook uses 2 Logic App connectors / built-in actions:

Connector / Action Type Connections Actions
azuresentinel Managed 1 0
outlook Managed 1 1
Action parameters (URLs, paths, function IDs)

outlook (Managed)

Action Method Endpoint Other
Send_email_(V2) post /v2/Mail

Additional Documentation

📄 Source: NetskopeWebTxErrorEmail/readme.md

Netskope Web Transaction Error Email

Summary

This playbook sends email when error is detected while running Netskope WebTransactions data connector.

Deployment instructions

  1. To deploy the Playbook, click the Deploy to Azure button. This will launch the ARM Template deployment wizard.
  2. Fill the below parameters:
    • Subscription: Azure Subscription ID which is present in the subscription tab in Microsoft Sentinel.
    • Resource Group: The Azure Resource Group name in which you want to deploy the Logic App.
    • Playbook Name: Enter the playbook name
    • Receiver Email Id: Enter the receiver email id to receive error mails

Deploy to Azure Deploy to Azure

Post-Deployment instructions

a. Authorize connections

Once deployment is complete, authorize each connection like MicrosoftSentinelConnection.

  1. Click the MicrosoftSentinelConnection resource
  2. Click edit API connection
  3. Click Authorize
  4. Sign in
  5. Click Save
  6. Repeat same steps for OutlookConnection
b. Configurations in Microsoft Sentinel
  1. In Microsoft Sentinel, analytics rules should be configured to trigger an incident.
  1. Add your deployed logic app in analytic rule to be trigger on every generated incident, to do this follow below steps
  • Select the Netskope - WebTx Error Detection analytic rule you have deployed.
  • Click on Edit
  • Go to Automated response tab
  • Click on Add new
  • Provide name for your rule, In Actions dropdown select Run playbook
  • In second dropdown select your deployed playbook
  • Click on Apply
  • Save the Analytic rule.

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊

Back to Playbooks · Back to Netskopev2