SIGNL4 Alerting and Response



This playbook sends alerts with basic incident information to SIGNL4 teams when an incident is created in Microsoft Sentinel.

| Attribute | Value |
|---|---|
| Type | Playbook |
| Solution | SIGNL4 |
| Source | View on GitHub |

Logic App Connectors

This playbook uses 2 Logic App connectors / built-in actions:

| Connector / Action | Type | Connections | Actions |
|---|---|---|---|
| azuresentinel | Managed | 1 | 0 |
| signl4 | Managed | 1 | 1 |

Action parameters (URLs, paths, function IDs)

signl4 (Managed)

| Action | Method | Endpoint | Other |
|---|---|---|---|
| Trigger_Alert | post | /alerts | |

Additional Documentation

📄 Source: SIGNL4_Alerting_and_Response/readme.md

SIGNL4 Alerting

This playbook sends alerts with basic incident information to SIGNL4 teams when an incident is created in Microsoft Sentinel.

Pre-requisites:

A SIGNL4 account.

SIGNL4 is a mobile alerting and incident response service for operational teams. You can send alerts via app push, SMS text or voice calls including tracking, escalation, on-call planning and collaboration.

Deployment:

Deploy to Azure Deploy to Azure Gov

Post-deployment

Configure connections

Edit the Logic App or go to Logic app designer. Expand “Trigger Alert” and connect to your SIGNL4 account by adding a new connection or signing in to your existing one. You can also adapt the alert details to be sent according to your needs. You might also want to add conditions, further processing, or enrichment before submitting the alert.

Attach the playbook

After deployment, attach this playbook to an automation rule so it runs when the incident is created. Learn more about automation rules.

Note: The playbook is disabled by default. Please enable it before assigning it to the automation rule!
