syncpythonscheduledhand-curated
Microsoft Sentinel → Cortex XSOAR (Palo Alto)
Mirror Microsoft Sentinel incidents into Cortex XSOAR every 5 minutes
Polls Sentinel for new/updated incidents via the Security Insights API and mirrors them as XSOAR incidents, preserving severity and owner.
sentinelxsoarincidentsyncmoderate
Use case
Mirror new Microsoft Sentinel incidents into Cortex XSOAR every 5 minutes, preserve severity and assigned owner, dedupe by Sentinel incident id
No code yet. Click below to run the Rinox pipeline. The result is saved to this library entry — every future visitor gets it instantly.
Useful?
Used by 0 teams · Viewed 5 times · Last validated 5/17/2026