Azure Sentinel Integration: ServiceNow Incident status not updating on closure of incident in Sentinel
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-02-2022 06:45 AM
Hi Team,
Azure Sentinel Integration: ServiceNow Incident status not updating on the closure of the incident in Sentinel.
Has anyone faced this issue?
- Labels:
-
Security Incident Response
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-13-2022 10:56 AM
I, too, am running into this issue as well. Moreover, I am not ingesting all the Azure Sentinel incidents when leveraging the plugin. Any status update from the Sentinel incident is not updating the mapped fields. I do not know if the parameters of the plugin can be adjusted to bring in all of the Sentinel incidents then including status updates within the corresponding SIR record. Please advise.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎01-23-2025 10:53 AM
Hello, I realize this is an old post but it appears that the integration is not designed to close incidents in SIR when they are closed in Sentinel. Did you ever find a workaround for this?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-12-2025 03:44 AM
