Please check there are logs, as sometimes the status isnt always up to date, example query.
AzureActivity
| where TimeGenerated > ago(3d)
| count
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Hello, I'm trying to run through some of the free online training on learn.microsoft.com for Sentinel. I'm working on this exercise "Detect threats with Microsoft Sentinel analytics". I have created a free account and deployed the ARM template for the exercise to my account. I've followed the instructions, but when it comes time to "Launch Azure Policy Assignment Wizard". Under Prerequisites I see this To integrate with Azure Activity, make sure you have: <checkmark> Workspace: read and write permissions. <info alert>Policy: owner role assigned for each policy assignment scope. <info alert>Subscription: owner role permission on the relevant subscription I ignored it the first time, and followed the directions, but the Azure Activity Data Connector never went active. I even waited a couple of hours. Has anyone else run into this? Am I missing something?
Please check there are logs, as sometimes the status isnt always up to date, example query.
AzureActivity
| where TimeGenerated > ago(3d)
| count