New Contributor

Hello! 

 

Hoping someone can help... I'm looking to create an email notification based on if the number of open incidents is greater than X value. Has anyone achieved this or can provide pointers, or guidance in setting up a playbook or similar to achieve this? 

 

Thanks :) 

@ClemFandango2055 

 

For looking at Incidents this may help Re: How to show amount of query results as entity on incident created in Azure Sentinel - Microsoft ...  you then you can use one of the two templates for an example Playbook to send the email

Screenshot 2021-10-21 130813.png

Perfect thanks @CliveWatson :smile:

www.000webhost.com