Post Message Slack Via Webhook

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊

↑ Back to Content Index

This playbook will be sending Slack with basic incidents details (Incident title, severity, tactics, link,…) when incident is created in Microsoft Sentinel. The playbook includes functionality to:
Close Incident As False Positive
Close Incident As Benign Positve
Change Incident Status To Active
Add entities to allow list

Attribute	Value
Type	Playbook
Solution	Standalone Content
Source	View on GitHub

Logic App Connectors

This playbook uses 2 Logic App connectors / built-in actions:

Connector / Action	Type	Connections	Actions
`azuresentinel`	Managed	1	0
`http`	Built-in	0	1

Action parameters (URLs, paths, function IDs)

`http` (Built-in)

Action	Method	Endpoint	Other
HTTP	POST	`[parameters('SlackWebhook')]`	—

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊

↑ Back to Playbooks

Post Message Slack Via Webhook

Logic App Connectors

http (Built-in)

`http` (Built-in)