Azure AI Foundry 2. Sentinel Incidents RAG
- Michael He
- Oct 10
- 1 min read
Create a storage account
Create a container name it "incidents"
Deploy a playbook: https://github.com/Pavel-Hrabec/AI-for-CyberSecurity#
I am using "AI-Training-Data"
At Resource Group level, assign "Storage Blob Data Contributor" role to this playbook via managed identity
Also assign Log Analytics role to the playbook via managed identity
Fix the API connections
Fix playbook blob connection:
Also need to update the endpoint for the blob storage (URL can be found under storage account > container)
Save the playbook
Now run this playbook against an incident and you can download the file in the container
i.e.
Let's go back to the AI Foundry > Playground > Chat > Add your data
Now go back to the AI Foundry playground and refresh AI search resource
Comments