Optimize your case management with this workflow template, which synchronizes comments from Torq cases to Microsoft Sentinel Incidents. Triggered by a new comment addition, it ensures your Sentinel incident records are automatically updated with relevant communication details. Perfect for enhancing collaboration and maintaining up-to-date incident documentation within the Microsoft Sentinel environment.

Use Cases

Case Management

Workflow Breakdown

Workflow triggers when a new comment is added.
Fetch Sentinel Incident ID from Case Custom Fields.
Creates a new session on Microsoft Sentinel and updates an incident with the new comment.

Vendors

Utils, Torq Cases, Microsoft Sentinel

Tips

Original Community Post: https://community.torq.io/case-management-getting-started-7m5qtn0s/post/case-mirroring-with-microsoft-sentinel-cWKc7JL4AX9yg46

Synchronize Torq Case Tags to Microsoft Sentinel Incidents - Workflow Template

Synchronize Torq Case Severity to Microsoft Sentinel Incidents - Workflow Template

Synchronize Torq Case Assignee to Microsoft Sentinel Incidents - Workflow Template

Synchronize Torq Case State Change to Microsoft Sentinel Incident - Workflow Template

Synchronize Torq Case Comment to Jira - Workflow Template

Synchronize Torq Case Comment to Microsoft Sentinel Incidents - Workflow Template

Use Cases

Workflow Breakdown

Vendors

Tips