You’re offline. This is a read only version of the page.
2,563
Using the trigger: Microsoft Graph Security, On all new alerts
I filter it to only trigger on IPC alerts, this works fine.
I send the user an adaptive card for the IPC alert, where the user can select if they are compromised or not.
In the Responds flow for the adaptive card I then set the Risky User in Azure status to dismissed or Compromised. Everything up until now works great.
I then use the action Microsoft Graph Security: Update Alert
As soon as the Alert is updated, for example I set the status of the alert to completed, or add a tag or comment, then the first flow is triggered again, this should not happen, it is not a new alert.
This means the Microsoft Graph Security, On all new alerts is triggering when an alert status is updated also or anything changes in the alert, this is for me not expected behavior as it creates a loop, the user respond to using the adaptive card the Alert status is updated and the user gets the same email in a loop.
Should only be triggered when the value of the status is "newAlert"
Currently it is also triggering on
But I'm pretty sure this is a bug and I do have a workaround, but I can replicate the issue over and over again.
@VictorIvanidze Thank you for trying 🙂
Sorry I temporary unable to use Premium connectors - maybe somebody else will help.
@VictorIvanidze I can post my entire flow but you can replicate the issue by just using the steps below, as soon as you do an Update on any Alert the trigger for Microsoft Graph Security, On all new alerts is triggered, even thou this is not a new alert.
Could you show your flow?
#1
WarrenBelz
146,651
Most Valuable Professional
#2
RandyHayes
76,287
Super User 2024 Season 1
#3
Pstork1
65,999
Most Valuable Professional
Share
Report
All responses (
Answers (
