Create a profile for Microsoft Azure Sentinel
-
- UpdatedFeb 1, 2024
- 2 minutes to read
- Washington DC
- Security Incident Response integrations
Create an incident profile in your ServiceNow AI Platform instance and determine the Microsoft Azure Sentinel incidents that are suitable for creating security incidents.
Before you begin
Role required: sn_si.admin
About this task
The integration enables you to create different types of incidents, such as unauthorized access attempts and malware. These incidents are created based on the profiles that you configure in the ServiceNow AI Platform instance. All incidents are initially created for a configured incident type in a profile. Created incidents can then be further filtered to specify which incidents create security incidents.
All incidents that meet the selection criteria in your Microsoft Azure tenant, and are available over the Microsoft Azure Sentinel API, are initially ingested into your ServiceNow AI Platform instance.
Procedure
What to do next