Thank you for posting your query on Microsoft Q&A. From above description I could understand that you have configured Defender for Endpoint and Microsoft Defender XDR data connectors in Microsoft Sentinel but have not seen any new events generated since 25th Jan nor you are able to delete the connector.
Please do correct me if this is not the ask by responding in the comments section.
When I open the connector page on Defender for Endpoint etc, everything is disabled, I want to disconnect.
When you enable the Microsoft Defender XDR connector, all of the Microsoft Defender XDR components’ connectors (the ones mentioned at the beginning of this article) are automatically connected in the background. In order to disconnect one of the components’ connectors, you must first disconnect the Microsoft Defender XDR connector.
Kindly try disconnecting XDR connector first and then other M365 defender connector "disconnect" option will be active.:
The same with Threat Intelligence Upload Indicators API:
For Threat Intelligence Upload Indicators API you may click on "Delete" option at top left and it will get disconnected
All the data connectors above haven't ingested data since January 25th.
This could be validated from the source itself, for example for Microsoft Defender for Endpoint and XDR, kindly validate:
- If any configured events in connector are generated in Microsoft defender portal:
- If alerts are generated validate if your Sentinel workspace is showing up with chosen event types in Microsoft Defender XDR settings:
***Please "Accept the answer (Yes)" and "share your feedback ". This will help us and others in the community as well.
Thanks,
Akshay Kaushik