79244488

Date: 2024-12-02 14:47:20
Score: 1
Natty:
Report link

You can use Automation Rules directly in Sentinel. This approach would allow you to set tag on incident based on selected Custom Detail and its value. I presented this approach in the following You Tube video: Microsoft Sentinel Automation Tag Incidents

Reasons:
  • Whitelisted phrase (-1.5): You can use
  • Low length (0.5):
  • No code block (0.5):
  • Single line (0.5):
  • Low reputation (1):
Posted by: conceptoria