Two New Features Sneak into the Microsoft Sentinel Incident Experience

Halt! Who goes there?

The new Incident experience in Microsoft Sentinel is being lauded as one of the best new enhancements in a long while. And, while the initial release was something to behold, more capabilities are coming based on customer feedback.

For example, today, if you jump into an Incident’s details, you’ll find a couple new options for the Logs panel.

First off, new Export options have been added, allowing you to quickly export the query results to other destinations and reporting mechanisms.

The second new option is a link at the bottom right of the Logs context panel that allows you to take the query and the query results and carry them over to a new browser tab that contains the full Log Analytics experience.

More features are coming to further enhance the experience. Stay tuned.

[Want to discuss this further? Hit me up on Twitter or LinkedIn]

[Subscribe to the RSS feed for this blog]

[Subscribe to the Weekly Microsoft Sentinel Newsletter]

[Subscribe to the Weekly Microsoft Defender Newsletter]

[Learn KQL with the Must Learn KQL series and book]