We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Certified Connector
FreshService
https://learn.microsoft.com/en-us/connectors/freshservice/
When an incident is triggered for this Logic App through Sentinel, it is not parsing the correct fields for Source and Severity.
Input of the API Job Run (not the entire body pasted)
{ "requester_id": xxxxxxx, "subject": "xxxxx", "status": "Open", "priority": "High", "description": "Severity: High\xxxx
For instance, this was the request body on a "High" Sentinel Alert (not the entire body pasted below)
"fr_due_by": "2024-04-25T22:46:05Z", "id": 8, "priority": 1, "status": 2, "source": 3, "created_at": "2024-04-22T03:16:05Z",
The same issue is occurring for every severity type where the API Request is marking the priority as 1 regardless of severity level in Sentinel.
As per https://api.freshservice.com/#create_ticket High should be priority 3
No, this is not a security bug
Severity 1 - Connector is broken or there's a very serious issue
Create Logic App as outlined here - https://thisismydemo.cloud/post/integrate-microsoft-sentinel-freshservice/ Run Playbook on any severity ticket within Sentinel
The POST request should have the correct severity level as per Sentinel and the FreshService API
Azure Logic Apps/Sentinel
N/A
The text was updated successfully, but these errors were encountered:
No branches or pull requests
Type of Connector
Certified Connector
Name of Connector
FreshService
Describe the bug
https://learn.microsoft.com/en-us/connectors/freshservice/
When an incident is triggered for this Logic App through Sentinel, it is not parsing the correct fields for Source and Severity.
Input of the API Job Run (not the entire body pasted)
For instance, this was the request body on a "High" Sentinel Alert (not the entire body pasted below)
The same issue is occurring for every severity type where the API Request is marking the priority as 1 regardless of severity level in Sentinel.
As per https://api.freshservice.com/#create_ticket High should be priority 3
Is this a security bug?
No, this is not a security bug
What is the severity of this bug?
Severity 1 - Connector is broken or there's a very serious issue
To Reproduce
Create Logic App as outlined here - https://thisismydemo.cloud/post/integrate-microsoft-sentinel-freshservice/
Run Playbook on any severity ticket within Sentinel
Expected behavior
The POST request should have the correct severity level as per Sentinel and the FreshService API
Environment summary
Azure Logic Apps/Sentinel
Additional context
N/A
The text was updated successfully, but these errors were encountered: