I am hoping to use built in automation rules / playbook in Azure Sentinel specifically "Isolate MDE Machine - Alert Triggered". I need a condition similar to "If incident is created between 09:30 - 10:00" run playbook "Isolate MDE Machine - Alert Triggered". By default, automation rules can only run "when created" or "when updated" - this is ok for me, but I need the time based condition applied.
I hope this is not too confusing, but is this possible?
I know once the 'Isolate MDE Machine - Alert Triggered' playbook is enabled, the logic app designer becomes available so amendments can be made. I am not too familiar but have been searching online for ways to add the time based condition to the playbook with no luck.