How can we help?
{{docApp.searchError}}
{{product.name}}
Searching in {{docApp.searchFilterBySpecificBookTitle}}
{{docApp.searchResultFilteredItems.length}} results for: {{docApp.currentResultsSearchText}}
in {{docApp.searchFilterBySpecificBookTitle}}
Search results have been limited. There are a total of {{docApp.searchResponse.totalResultsAvailable}} matches.
You have an odd number of " characters in your search terms - each one needs closing with a matching " character!
-
{{resultItem.title}}
{{resultItem.url}}
{{docApp.libraryHomeViewProduct.title || docApp.libraryHomeViewProduct.id}}
{{docApp.libraryHomeViewProduct.description}}
{{group.title || group.id}}
{{group.description}}
Operation Information
Hornbill iBridge integration to get the details of an incident in Microsoft Defender.
This is a Premium Integration.
Authentication
This operation requires authentication, the details of which can be securely stored on your instance in a KeySafe Key of type Microsoft Defender 365.
To create a key of this type:
- In the Configuration area of your Hornbill instance, navigate to Platform Configuration > Security > KeySafe;
- Click on the + Create New Key button;
- On the resulting Create New Key form, choose Microsoft Defender 365 in the Type pick list;
- Give the Microsoft Defender 365 KeySafe key a Title (this is the name / identifier for the Microsoft Defender 365 account as you will see it when using the cloud automation node in your workflows);
- Optionally populate the Description field;
- Click the Create Key button to create your new key;
- Once the Key is created, you will need to connect to the target service, and your account, in order to authorize the connector app access to the listed operations. Click the Connect button and you will be redirected to the service provider in a popup window;
- Log in to your account, and then you will be prompted to review the options you are authorizing the Hornbill connector to be allowed to perform using the chosen account;
- Accept the review and you will be returned to your KeySafe key.
Revoking Access
If at any point you wish to revoke access to any of the above accounts from your Hornbill instance, just hit the Revoke button in the relevant KeySafe key(s).
Warning
This will revoke the rights of any existing Cloud Automation Node in your Hornbill Workflows that are using the revoked Microsoft Defender 365 account, so you will need to manage these workflows accordingly.
Input Parameters
| Display Name | ID | Type | Description | Required | Supported Values |
|---|---|---|---|---|---|
| Incident ID | incidentId |
string |
None provided | Yes | None provided |
Output Parameters
| Display Name | ID | Type | Description |
|---|---|---|---|
| Status | status |
string |
None provided |
| Id | id |
string |
None provided |
| Error | error |
string |
None provided |
| Incident Web Url | incidentWebUrl |
string |
None provided |
| Display Name | displayName |
string |
None provided |
| Tenant Id | tenantId |
string |
None provided |
| Created Date Time | createdDateTime |
string |
None provided |
| Last Update Date Time | lastUpdateDateTime |
string |
None provided |
| Assigned To | assignedTo |
string |
None provided |
| Classification | classification |
string |
None provided |
| Determination | determination |
string |
None provided |
| Severity | severity |
string |
None provided |
| Comment | comment |
string |
None provided |
| Created By | createdBy |
string |
None provided |
| Created Time | createdTime |
string |
None provided |
- Version {{docApp.book.version}}
- Node {{docApp.node}} / {{docApp.build}}
In This Document