About the Get VEN Details Playbook
This playbook contains a collection of procedures that respond to a Microsoft Sentinel Alert.
After an alert is triggered, its body is sent to a function app.
The function talks to the PCE using the API key and API secret.
After the VEN details are fetched from the PCE, the playbook constructs a table with the relevant information.
The table includes the alert title, severity, VEN details like the IP address, hostname and labels, and a description of the alert. The table is sent out in an email.