...
Create a logic app using Azure Deploy Template.
Enter values for Subscription and Resource Group.
Select the Azure Sentinel workspace.
Enter a name in Logic App Name.Optional: If required, change the Compass endpoint.
Paste the API key URL previously copied from Comapss Compass into Api Key Endpoint.
Select Review + create.
Select Create.
Go to the API Connection resource created from the template.
Select General and then Edit API connection.
Authorize the connection and select Save.
Go to the Sentinel workspace. Under Configuration, select Automation.
Select Create and then Automation Rule.
Under Actions, select Run Playbook and select the logic app created from the template.
Select Apply.
Create a second automation rule.
For Trigger, select When incident is updated .
Add a new condition. Select Condition and then Condition (And) with the field Status Changed.
Select Apply.
Sample payload sent from Azure Sentinel
...