New Alert

Triggers a workflow on every new Microsoft Defender For Cloud App alert created.

info

Automations based on this trigger will search for new events every 5 minutes.

Sample Event

{
    "entityRole": "Source",
    "entityType": 2,
    "id": "6204bdaf-ad46-4e99-a25d-374a0532c666",
    "inst": 0,
    "label": "user1",
    "pa": "user1@contoso.com",
    "type": "account"
}