Azure
Created a new tool for creating Incidents with email
A detailed explanation is here. https://github.com/samikroy/Azure-Sentinel/blob/patch-32/Tools/Create%20Incidents%20with%20Email/Readme.md
This will be a part of the readme after the PR merge.
Hi @samikroy -
Thank you for this content. Based on the functionality I see this is automation playbook and can we move this to Playbook folder, so that we can get into Content hub subsequently. While moving, can you please add following elements, so that it will be ready for content hub
- Metadata section:
- You can find the instructions here - https://github.com/Azure/Azure-Sentinel/tree/master/docs/New%20Playbooks%20Contribution%20Guide#contribution-guidelines
- For examples you can refer this playbook https://github.com/Azure/Azure-Sentinel/blob/master/Solutions/Okta%20Single%20Sign-On/Playbooks/OktaPlaybooks/Okta-EnrichIncidentWithUserDetails/azuredeploy.json
- As a best practice, we recommend sentinel connection in playbooks uses "ManagedSecurityIdentity". Please refer Sample Template for sample template. For more details, refer this. Make sure to do changes at 3 places
@anki-narravula @v-spadarthi - Please have a look at the updated code and share your reviews !
@anki-narravula : Please have a look and provide your feedback @samikroy addressed your comments.
@anki-narravula @v-spadarthi - Please have a look at the updated code and share your reviews !
@samikroy Metadata object is still missing, example one
hi @samikroy, Please add metadata object to your playbook, so that @anki-narravula can review and merge your changes. Thanks
@anki-narravula , @v-spadarthi & @v-mchatla - Could you please help with the merge as the comments are addressed now.
Hi @anki-narravula, Author has addressed your comments. Can you please review and provide your approval. Thanks
@v-mchatla , @anki-narravula, @v-spadarthi - Could you please help with the merge.
Hi @samikroy -
Thank you for this content. Based on the functionality I see this is automation playbook and can we move this to Playbook folder, so that we can get into Content hub subsequently. While moving, can you please add following elements, so that it will be ready for content hub
- Metadata section:
- You can find the instructions here - https://github.com/Azure/Azure-Sentinel/tree/master/docs/New%20Playbooks%20Contribution%20Guide#contribution-guidelines
- For examples you can refer this playbook https://github.com/Azure/Azure-Sentinel/blob/master/Solutions/Okta%20Single%20Sign-On/Playbooks/OktaPlaybooks/Okta-EnrichIncidentWithUserDetails/azuredeploy.json
- As a best practice, we recommend sentinel connection in playbooks uses "ManagedSecurityIdentity". Please refer Sample Template for sample template. For more details, refer this. Make sure to do changes at 3 places
@samikroy , did you checked the 2-point mentioned by anki , regarding "managedserviceidentity" , As i am not able to see the changes being done,
Kindly check again
