Azure Sentinel Workspace - Sending Notification Emails for Alerts and Recommendations | Exam AZ-303

Configure Email Notifications for Azure Sentinel Alerts and Recommendations

Question

You have an Azure subscription that contains an Azure Sentinel workspace. Sentinel is configured to monitor several Azure resources.

You need to send notification emails to resource owners when alerts or recommendations are generated for a resource.

What should you use?

Answers

Explanations

A. B. C. D.

A

Currently there is no built-in functionality that notifies you via email if there is an incident that is generated in Azure Sentinel. However, you can set up an Azure Logic App playbook to send incident information to your email.

https://azsec.azurewebsites.net/2020/01/19/notify-azure-sentinel-alert-to-your-email-automatically/

The correct answer is A. Logic Apps Designer.

Azure Sentinel is a cloud-native security information and event management (SIEM) service that provides intelligent security analytics across your enterprise. It monitors your cloud and on-premises environments and detects threats across all users, devices, applications, and infrastructure.

Logic Apps Designer is a cloud-based service that allows you to create workflows and integrate applications and services without writing code. With Logic Apps, you can automate the process of sending notifications to resource owners when alerts or recommendations are generated for a resource.

To send notification emails to resource owners, you can use the Azure Sentinel connector in Logic Apps Designer. This connector allows you to create a workflow that triggers an email notification when an alert or recommendation is generated for a specific resource. You can configure the email notification to include details of the alert or recommendation, such as the severity level, description, and suggested actions.

Azure Security Center is a cloud-based service that provides unified security management and advanced threat protection across hybrid cloud workloads. While it can send notifications for security alerts and recommendations, it is not the best fit for this scenario as it does not have direct integration with Azure Sentinel.

Azure Pipelines is a cloud-based service that allows you to continuously build, test, and deploy to any platform or cloud. It is not a suitable service for sending notification emails for security alerts or recommendations.

Azure Machine Learning Studio is a cloud-based service that provides a web-based graphical interface for building, testing, and deploying machine learning models. It is not related to sending notifications for security alerts or recommendations.