Forum Discussion

punkrokk's avatar
punkrokk
Copper Contributor
Mar 01, 2019

API for Sentinel Alerts and Cases

Where can I find docs to query new alerts and cases and interact with then in Azure Sentinel.
Marticus2425's avatar
Marticus2425
Copper Contributor
Mar 12, 2019

Ryan Heffernan-

 

Are there any plans to add externally-exposed APIs - for example, being able to query Sentinel for alerts, change alert statuses, etc?

 

I looked through the GitHub repo and didn't see anything really referencing that (primarily related to Notebooks and Hunting Queries).

 

Is there perhaps any documentation around any externally-exposed APIs like that that you can pass along?

 

Thanks!

Koby Koren's avatar
Koby Koren
Icon for Microsoft rankMicrosoft
Mar 12, 2019

Hi,

 

Azure Sentinel API is coming soon so you can query cases, manage them and update rules as well.

 

Thanks,

Koby

  • stevenharlandqc's avatar
    stevenharlandqc
    Copper Contributor
    Feb 06, 2020
    Hi,

    Is there any update on when this might be available?

    Thanks,
    Steven
    • kobiga's avatar
      kobiga
      Icon for Microsoft rankMicrosoft
      Feb 09, 2020
      Hi,

      The new incidents API should be published by the end of the month
      • SanderWannet's avatar
        SanderWannet
        Copper Contributor
        May 15, 2020

        kobiga Is there any update yet? I can't find the Incidents API.

  • kastromatos's avatar
    kastromatos
    Copper Contributor
    Nov 13, 2019
    Hi,

    Any updates here? No API for now and even Microsoft.Graph still cannot manipulate with Sentinel incidents(cases).

Resources