Title: Create a Case from Microsoft Sentinel Alerts with TorqDescription: Streamline incident response by using the Torq workflow template to automatically create structured cases from Microsoft Sentinel alerts. Upon receiving an alert via webhook, the workflow maps the alert data to a case layout, ensuring all pertinent information is captured in a consistent format. Ideal for security teams seeking efficient case management and immediate action on alerts.Use Case: Security Teams, Incident Response, Case ManagementCategories: FeaturedDifficulty: IntermediateTags: Case Creation, Security Orchestration, Microsoft Sentinel IntegrationTips: - Familiarize yourself with the basics of case management: [Getting Started with Torq Case Management](https://community.torq.io/case-management-getting-started-7m5qtn0s/post/creating-cases-with-microsoft-sentinel-events-mB6qxPAKA7jDRMD) - Ensure webhooks are properly configured to receive alerts from Microsoft Sentinel.Updated At: 2025-07-15Vendor Integrations: - Microsoft Sentinel - Torq Cases - Data Transformation UtilitiesWorkflow Steps Overview: 1. Receive alerts from Microsoft Sentinel via webhook. 2. Map alert data to the appropriate fields in the case layout. 3. Automatically create a new case in Torq with mapped alert data. 4. Optional: Attach related events and additional details to the case for a comprehensive view.This workflow template is part of the "Case Creation from Field Mapping Workflows" section, offering a standardized approach to harness Microsoft Sentinel's alerting capabilities within Torq's case management environment.