Hi folks
I’m new to sentinel, after going through the documentation I have a few questions regarding the incident trigger.
So, According to the Microsoft sentinel Documentation
“Playbooks with this trigger do not support alert grouping, meaning they will receive only the first alert sent with each incident. ”
Why the incident trigger do not support alert grouping and why they will only receive the first alert. Thank you so much, I just can’t get my head around with this concept.
Cheers