Hi community,

we are a relatively new customer of Google SOAR & SecOps.
I am currently trying to set up some playbooks with interactions with users and/or SOC Teamembers.

Our favorite tool for communication is MS Teams. The integration is configured, we can send Messages via playbooks and also send replys to those messages via playbook. What we would like to do is using "WaitForReply" to those messages/replys and use the reply to continue the playbook (via conditions).
Flow would be like:
Case -> send Teams message -> send Teams message reply with more details -> wait for specific reply of user/soc -> split path to action 1 or action 2 -> continue with rest of the flow.....

Replay from user/soc could be something like "yes" "no" "escalate" ...

Unfortunatelly the documentation to the MS Teams integration in SOAR is missing a lot of information and there are zero examples on how to use those actions.
Maybe someone has created a similar flow with MS Teams before and is willing to explain how the "WaitForReply" part has to be configured (which MessageID has to be linked, what do we need to put in "Expected Reply" to have multiple possible values)

Thank you