Inspiration
Microsoft Sentinel will take over the operations of incident creation and incident handling. Incidents generated by Microsoft Sentinel will be used to create tickets on SummitAI Helpdesk. The main objective is to establish a connection between Microsoft Sentinel and SummitAI Helpdesk and to automate the ticket-generation procedure.
What it does
This project hopes to automate ticket generation in SummitAI Helpdesk by using the incidents created in the Microsoft Sentinel workspace.
How we built it
We used the automation facilities provided in Microsoft Sentinel to create a playbook that connects to the REST API of SummitAI Helpdesk and pushes incident details to SummitAI, which creates tickets for them.
Challenges we ran into
- How to create a JSON message to push incident details to SummitAI Helpdesk
- Managing APIs
Accomplishments that we're proud of
- Developing a solution that could be deployed in the production environment in our organization.
What we learned
- How to use APIs in Logic Apps
- How APIs work
- How automation works in Sentinel
- How to encrypt data in JSON using Azure Key Vault
What's next for SummitAI and Sentinel Integration
- Establishing a sync function between SummitAI Helpdesk and Microsoft Sentinel
Built With
- api
- json
- playbooks
- sentinel