Sentinel Training - Detect threats with Microsoft Sentinel analytics

Danny Stephens 0 Reputation points
2024-02-26T14:59:03.1566667+00:00

Hello, I'm trying to run through some of the free online training on learn.microsoft.com for Sentinel. I'm working on this exercise, "Detect threats with Microsoft Sentinel analytics". I have created a free account and deployed the ARM template for the exercise to my account. I've followed the instructions, but when it comes time to "Launch Azure Policy Assignment Wizard", under Prerequisites I see this:

To integrate with Azure Activity, make sure you have:

- <checkmark> Workspace: read and write permissions.
- <info alert> Policy: owner role assigned for each policy assignment scope.
- <info alert> Subscription: owner role permission on the relevant subscription

I ignored it the first time and followed the directions, but the Azure Activity Data Connector never went active. I even waited a couple of hours. Has anyone else run into this? Am I missing something?

Microsoft Sentinel

1 answer

  1. Clive Watson 5,716 Reputation points MVP
    2024-02-27T13:51:10.49+00:00

    Please check that there are logs, as sometimes the status isn't always up to date. Example query:

    AzureActivity
    | where TimeGenerated > ago(3d)
    | count
    
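A fuller version of the check suggested in the answer above, as an added example that is not part of the original thread: it breaks the count down per subscription and shows when the newest record arrived, so a stale connector status can be told apart from a table that is receiving nothing. The 3-day window is carried over from the answer; the output column names are chosen here for illustration.

```kusto
// Added example: per-subscription ingestion check for the AzureActivity table.
// An empty result means no Azure Activity records reached the workspace in the window.
let lookback = 3d;
AzureActivity
| where TimeGenerated > ago(lookback)
| summarize
    Events       = count(),
    FirstEvent   = min(TimeGenerated),
    LastEvent    = max(TimeGenerated),
    LastIngested = max(ingestion_time())
    by SubscriptionId
| extend
    MinutesSinceLastEvent = datetime_diff('minute', now(), LastEvent),
    // Rough lag figure: newest ingestion time minus newest event time
    IngestionLagMinutes   = datetime_diff('minute', LastIngested, LastEvent)
| order by LastEvent desc
```

A row for the training subscription with a recent `LastEvent` means data is flowing even if the connector page still shows it as disconnected.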