The "Synchronize Torq Case Severity to Microsoft Sentinel Incidents" workflow streamlines incident management by automatically updating Microsoft Sentinel incidents when there is a change in the severity of a Torq case. This ensures that all relevant information is consistently communicated, allowing businesses to maintain synchronization between their internal processes and Sentinel, improving response efficiency and stakeholder communication.

Use Cases

Case Management

Workflow Breakdown

Workflow triggers when severity is changed.
Fetch Sentinel Incident ID from Case Custom Fields.
Creates a new session on Microsoft Sentinel and updates an incident with the accurate Severity.

Vendors

Utils, Torq Cases, Microsoft Sentinel

Tips

Original Community Post: https://community.torq.io/case-management-getting-started-7m5qtn0s/post/case-mirroring-with-microsoft-sentinel-cWKc7JL4AX9yg46

Synchronize Torq Case Tags to Microsoft Sentinel Incidents - Workflow Template

Synchronize Torq Case Assignee to Microsoft Sentinel Incidents - Workflow Template

Synchronize Torq Case State Change to Microsoft Sentinel Incident - Workflow Template

Synchronize Torq Case Severity to Jira - Workflow Template

Synchronize Torq Case Comment to Microsoft Sentinel Incidents - Workflow Template

Synchronize Torq Case Severity to Microsoft Sentinel Incidents - Workflow Template

Use Cases

Workflow Breakdown

Vendors

Tips