![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(6.4, 4%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ET6%3C/text%3E%3C/svg%3E)
Microsoft Purview
A Microsoft data governance service that helps manage and govern on-premises, multicloud, and software-as-a-service data. Previously known as Azure Purview.
1,219 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(268.8, 8%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EST%3C/text%3E%3C/svg%3E)
Thanks for reaching out to Microsoft Q&A.
To integrate Microsoft Purview Audit Log with Azure Sentinel for Microsoft Defender XDR activities, you can follow these steps:
Firstly, please note that the Microsoft Purview Audit Log does not currently support direct integration with Azure Sentinel. However, you can use the Azure Sentinel connector for Microsoft Defender to forward the activities to Azure Sentinel.
This means that you can leverage the Azure Sentinel connector for Microsoft Defender to forward the Microsoft Defender XDR activities and Microsoft Defender for Identity activities from the Microsoft Purview Audit Log to Azure Sentinel.
I hope this helps. Please let me know if you have any questions.