How to enable Azure Activity Sentinel Data Connector

Question

Hi, I'm trying to enable Azure Activity Sentinel Data Connector. I've manage to install it and when I follow the 'Launch Azure Policy Assignment Wizard' it completes successfully, however the Azure Activity Data Connector never shows 'green/connected' and no data is ingested.

On the Azure Activity Data Connector instructions and "Prerequisites To integrate with Azure Activity" make sure I have:

Green Tick > Workspace: read and write permissions.

Information Symbol >Policy​: owner role assigned for each policy assignment scope.​

Information Symbol >Subscription: owner role permission on the relevant subscription

Any help / ideas appreciated.

Answer 1

To resolve the issue with the Azure Activity Data Connector not showing as connected or ingesting data, ensure that you have the correct permissions.

Verify that you have read and write access to the Log Analytics workspace and Owner role on both the policy assignment scope and the subscription.

Next, check if Activity Logs are being generated in your subscription and that data is flowing into the Log Analytics workspace. Confirm that the Azure Activity connector is properly set up in Azure Sentinel > Configuration > Data Connectors and shows as "Connected".

Additionally, ensure there are no firewall or network restrictions that could block the connection. Review the Activity Logs and Azure Monitor for any relevant errors. If these steps don’t resolve the issue, try reapplying the policy assignment.