This playbook uses the SOC Recommended Actions Watchlist to automatically enrich incidents generated by Microsoft Sentinel with Actions to review and take. Actions will be evaluated per Customer Organization and edited/modified per their standards of conduct.
| Attribute | Value |
|---|---|
| Type | Playbook |
| Solution | SOC-Process-Framework |
| Source | View on GitHub |
This playbook uses 3 Logic App connectors / built-in actions:
| Connector / Action | Type | Connections | Actions |
|---|---|---|---|
| azuremonitorlogs | Managed | 1 | 1 |
| azuresentinel | Managed | 1 | 0 |
| microsoftsentinel | Managed | 0 | 1 |
azuremonitorlogs (Managed)

| Action | Method | Endpoint | Other |
|---|---|---|---|
| Run_query_and_list_results | post | /queryData | — |
microsoftsentinel (Managed)

| Action | Method | Endpoint | Other |
|---|---|---|---|
| Add_task_to_incident | post | /Incidents/CreateTask | — |