I have an Azure Sentinel resource in my subscription..
I am following the Azure documentation on how to enable User & Entities Behavior Analytics (UEBA) for Microsoft Sentinel: https://learn.microsoft.com/en-gb/azure/sentinel/enable-entity-behavior-analytics.
As per the prerequisites, I have both:
- the Security Administrator admin role in Entra Id
- the Microsoft Sentinel Contributor RBAC role on the entire subscription
From the Entity behavior configuration page in the Portal, I am able to switch on the toggle on step 1, however after I select "Azure Active Directory" on step 2 and click "Apply", I get the following error message:
"Updating the Entity Providers failed."
![Screenshot of the error message on the Portal](https://learn-attachment.microsoft.com/api/attachments/cfbdc942-68dd-4551-beac-eddb33637b6d?platform=QnA)
I can't progress any further on enabling UEBA for Sentinel.
Any help on how to resolve would be greatly appreciated.