The "Synchronize Torq Case Assignee to Microsoft Sentinel Incidents" workflow template facilitates seamless integration between Torq and Microsoft Sentinel, enabling efficient case management. By automatically synchronizing case assignee changes to associated Sentinel incidents, teams can ensure prompt and coordinated incident response. This integration improves communication and collaboration with external stakeholders through Sentinel, enhancing overall operational efficiency.

Use Cases

Case Management

Workflow Breakdown

Workflow triggers when case is assigned to a new teammate.
Fetch Sentinel Incident ID from Case Custom Fields.
Creates a new session on Microsoft Sentinel and updates an incident with the new Assignee.

Vendors

Utils, Torq Cases, Microsoft Sentinel

Tips

Original Community Post: https://community.torq.io/case-management-getting-started-7m5qtn0s/post/case-mirroring-with-microsoft-sentinel-cWKc7JL4AX9yg46

Synchronize Torq Case Tags to Microsoft Sentinel Incidents - Workflow Template

Synchronize Torq Case Severity to Microsoft Sentinel Incidents - Workflow Template

Synchronize Torq Case State Change to Microsoft Sentinel Incident - Workflow Template

Synchronize Torq Case Assignee to ServiceNow - Workflow Template

Synchronize Torq Case Assignee to Jira - Workflow Template

Synchronize Torq Case Assignee to Microsoft Sentinel Incidents - Workflow Template

Use Cases

Workflow Breakdown

Vendors

Tips