Azure Sentinel Automation API SDK

Introduction

This API provides a robust and flexible framework for automating various tasks within Azure Sentinel.

Key Functionalities

Key features include:

- Incident ID Extraction: Automatically extracts the incident ID from the event data.
- Task Assignment: Assigns tasks to different agents.
- Workflow Automation: Builds automated workflows based on incident patterns.
- Report Generation: Generates customized reports.

API Usage

API Endpoint

The primary API endpoint is: `/api/v1/automation/sentinel/automation`

Example

Example of Incident ID extraction: `event.incident_id`

Reference

Learn more: [https://docs.microsoft.com/en-us/azure/service-center/automation/api-sdk-overview?view=azure](https://docs.microsoft.com/en-us/azure/service-center/automation/api-sdk-overview?view=azure)

Contact

For support, please contact us at: support@example.com