Merge pull request #311838 from MicrosoftDocs/main

Auto Publish – main to live - 2026-02-16 06:00 UTC

Author: learn-build-service-prod[bot]

articles/azure-vmware/ecosystem-disaster-recovery-vms.md

@@ -30,7 +30,7 @@ You can find more information about their solutions in the following links:
 | Supported Version in Azure VMware Solution Gen 1 | Supported Version in Azure VMware Solution Gen 2 | Links                                                                 | Support                                                                                                                                     |
 |-------------------------------------------|-------------------------------------------|------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------|
 | VMware Live Site Recovery 9.0.2.1      | VMware Live Site Recovery 9.0.2.1                           | [Deploy VMware Live Site Recovery](/azure/azure-vmware/disaster-recovery-using-vmware-site-recovery-manager)                | Azure VMware Solution owns only install, Uninstall & Upgrade of Live Site Recovery. Customers should create Broadcom support tickets for all other areas.     |
-| Zerto 10.0 U7 GA| Zerto vSphere APIs for IO (VAIO) Timeline - TBD | [Deploying Zerto on Azure VMware Solution](https://help.zerto.com/category/AVS)         | All Zerto related issues and RunCommand errors, Customers are requested to reach [Zerto Support](https://www.zerto.com/myzerto/support/create-case/).                       |
+| Zerto 10.8 GA| Zerto Timeline - TBD | [Deploying Zerto on Azure VMware Solution](https://help.zerto.com/category/AVS)         | All Zerto related issues and RunCommand errors, Customers are requested to reach [Zerto Support](https://www.zerto.com/myzerto/support/create-case/).                       |
 | JetStream version: 5.0 GA | JetStream version: 5.0 GA | [Deploy JetStream](https://www.jetstreamsoft.com/2020/09/28/disaster-recovery-for-avs/)                         | All support—including install, uninstall, upgrade, configuration, replication—is handled by the JetStream support team. Contact [JetStream Support](https://jetstreamsoft.com/about/contact/). |
 |Veeam Backup & Replication 12 for VCD Azure VMware Solution |Timeline - TBD | [Veeam Backup for VMware Cloud Director on Azure VMware Solution](https://helpcenter.veeam.com/docs/backup/vsphere/vcloud_director_backup.html?ver=120) |Veeam Backup and Recovery solution for Azure VMware Solution supports VMware Cloud Director multi-tenancy|
 |Refer to Backup Recovery Partner Compatibility Guidance |Refer to Backup Recovery Partner Compatibility Guidance                     | [Backup solutions for Azure VMware Solution VMs](/azure/azure-vmware/ecosystem-back-up-vms) | Kindly reach out to the Backup and Recovery Product team for all support cases.                                                            |
@@ -45,12 +45,12 @@ Customers aren't permitted to open Microsoft support tickets for partner product
 
 | Solution            | Limitations / Unsupported Features                                                                                          |
 |---------------------|------------------------------------------------------------------------------------------------------------------------------|
-| **VMware Live Site Recovery** | Array-based replication and storage policy protection groups <br> VMware vVOLs Protection Groups<br> VMware SRM IP customization using SRM command-line tools <br> Shared Site Recovery (One-to-Many and Many-to-One topologies) <br> Custom VMware SRM plug-in identifier or extension ID <br> Encrypted VMs unsupported <br> Enhanced replication supported in Gen2 only<br> VMware Live Site Recovery only supports vSAN datastores, due to a supportability limitation from Broadcom<br> Stretched cluster is not supported|
-| **Zerto on Azure VMware Solution**  | Zerto supports version Zerto 10.0 U7 onwards <br> Zerto VAIO currently does not support the version upgrade or hotfix <br> DNS and network configuration changes for Zerto Virtual Machine aren't supported after installation.<br> Azure resource group modifications aren't supported after Zerto installation.<br> SSH or web console access for ZVML Virtual machine is restricted.<br> Service account credentials aren't shared with customers<br> A minimum of four hosts per cluster is required.<br> Backup and Snapshot features are unavailable for ZVML VM. <br> Customers are advised to coordinate directly with Zerto for timelines any fixes<br> Stretched cluster is not supported|
+| **VMware Live Site Recovery** | Array-based replication and storage policy protection groups <br> VMware vVOLs Protection Groups<br> VMware SRM IP customization using SRM command-line tools <br> Shared Site Recovery (One-to-Many and Many-to-One topologies) <br> Custom VMware SRM plug-in identifier or extension ID <br> Encrypted VMs unsupported <br> Enhanced replication supported in Gen2 only<br> Azure VMware Solution-Live Site Recovery currently supports vSAN datastores. Support for external datastores is under testing.<br> Currently, Live Site Recovery for Stretched cluster is not supported|
+| **Zerto on Azure VMware Solution**  | Zerto supports version Zerto 10.8 onwards<br> DNS and network configuration changes for Zerto Virtual Machine aren't supported after installation.<br> Azure resource group modifications aren't supported after Zerto installation.<br> SSH or web console access for ZVML Virtual machine is restricted.<br> Service account credentials aren't shared with customers<br> A minimum of four hosts per cluster is required.<br> Backup and Snapshot features are unavailable for ZVML VM. <br> Customers are advised to coordinate directly with Zerto for timelines any fixes<br> Stretched cluster is not supported|
 | **JetStream on Azure VMware Solution**| Requires a minimum of four hosts per cluster for upgrade                                                                               |
 | **Backup and Recovery Partners**|[Azure VMware Solution third Party BCDR](/azure/azure-vmware/ecosystem-back-up-vms) has been tested with the cloudadmin role. Azure VMware Solution can't provide more than [Cloudadmin Privilege](/azure/azure-vmware/architecture-identity). For further support, Contact the respective BCDR partners directly|
 
 
 
 
-Last Updated: **October 2025** – Updated monthly with the latest information. Visit Partner onboarding sites for timelines and details. Partners keep their products up to date.
+Last Updated: **February 2026** – Updated monthly with the latest information. Visit Partner onboarding sites for timelines and details. Partners keep their products up to date.

articles/sentinel/datalake/sentinel-mcp-billing.md

@@ -14,6 +14,8 @@ ms.custom: references_regions
 
 # Understand Microsoft Sentinel MCP server pricing, limits, and availability
 
+> [!IMPORTANT]
+> Some information relates to a prerelease product that may be substantially modified before it's released. Microsoft makes no warranties, expressed or implied, with respect to the information provided here.
 
 This article provides information on pricing, limits, and availability when setting up and using Microsoft Sentinel's Model Context Protocol (MCP) collection of security tools.
 
@@ -45,9 +47,10 @@ The following limits are specific to Microsoft Sentinel data lake MCP tools:
 | Query window for tools | 800 characters |
 
 ### Microsoft Sentinel entity analyzer tool
-Each tenant can use the entity analyzer MCP tool up to the following limits:
-- 100 total runs an hour
-- 250 total runs a day 
+Each tenant can use the entity analyzer MCP tool up to the following limits while this feature is in preview:
+- 250 total runs an hour
+- 500 total runs a day 
+- 10 concurrent runs at a time (based on available service capacity)
 
 ### Triage tool
 Regular API throttling applies to the tools in the triage tool collection. In addition, tools that call the advanced hunting API are bound by the existing advanced hunting quotas and service limits. [Learn more about advanced hunting quotas and usage parameters](/defender-xdr/advanced-hunting-limits#understand-advanced-hunting-quotas-and-usage-parameters)

articles/sentinel/datalake/sentinel-mcp-data-exploration-tool.md

@@ -75,7 +75,7 @@ Entity analysis tools might require a few minutes to generate results, so there
 
 | Parameters | Required? | Description | 
 |----------|----------|----------|
-| Microsoft Entra object ID or URL| Yes |This parameter takes in the user or URL you want to analyze. |
+| Microsoft Entra object ID, User Principal Name (UPN), or URL| Yes |This parameter takes in the user or URL you want to analyze. |
 | `startTime`| Yes |This parameter takes in the start time of the analysis window.  |
 | `endTime`| Yes |This parameter takes in the end time of the analysis window.  |
 | `workspaceId`| No |This parameter takes in a workspace identifier to limit the search to a single connected Microsoft Sentinel data lake workspace. |
@@ -95,18 +95,19 @@ While this tool automatically polls for a few minutes until results are ready, i
 
 #### Additional information
 - `analyze_user_entity` supports a maximum time window of seven days to maximize accuracy of the results. 
+- `analyze_user_entity` only works for users with a Microsoft Entra object ID (cloud users). On-premises Active Directory-only users aren't supported for user analysis.
 - `analyze_user_entity` requires the following tables to be present in the data lake to ensure accuracy of the analysis:
     - [AlertEvidence](../connect-microsoft-365-defender.md)
     - [SigninLogs](../connect-azure-active-directory.md)
-    - [BehaviorAnalytics](../enable-entity-behavior-analytics.md)
     - [CloudAppEvents](../connect-microsoft-365-defender.md)
     - [IdentityInfo](/defender-xdr/advanced-hunting-identityinfo-table) (Available only for tenants with Microsoft Defender for Identity, Microsoft Defender for Cloud Apps, or Microsoft Defender for Endpoint P2 licensing)
 
     If you don't have any of these required tables, `analyze_user_entity` generates an error message that lists the tables you didn't onboard, along with links to their corresponding onboarding documentation.
 
 - `analyze_user_entity` works best when the following table is also present in the data lake, but continues to work and assess risk, even if the said table is unavailable:
     - [AADNonInteractiveUserSignInLogs](../connect-azure-active-directory.md)
-
+    - [BehaviorAnalytics](../enable-entity-behavior-analytics.md)
+    
 - `analyze_url_entity` works best when the following tables are present in the data lake, but continues to work and assess risk, even if the said tables are unavailable:
     - [EmailUrlInfo](../connect-microsoft-365-defender.md)
     - [UrlClickEvents](../connect-microsoft-365-defender.md)
@@ -116,7 +117,7 @@ While this tool automatically polls for a few minutes until results are ready, i
 
     If you don't have any of these tables, `analyze_url_entity` generates a response with a disclaimer that lists the tables you didn't onboard, along with links to their corresponding onboarding documentation.
 
-- Running multiple instances of the entity analyzer at the same time can increase latency for each run. To prevent timeouts, start by running a maximum of five analyses at once and then adjust this number as needed based on how the analyzer runs in your organization.
+- Running multiple instances of the entity analyzer at the same time can increase latency for each run. To prevent timeouts and avoid hitting the entity analyzer's [preview thresholds](sentinel-mcp-billing.md#microsoft-sentinel-entity-analyzer-tool-1), start by running a maximum of five analyses at once and then adjust it as needed based on how often the logic app is triggered in your organization. 
 
 ## Sample prompts
 

articles/sentinel/datalake/sentinel-mcp-logic-apps.md

@@ -85,7 +85,7 @@ To add the entity analyzer tool by using an existing logic app:
             ```
             {
             "entityType": "User",
-            "userId": "[Microsoft Entra object ID]"
+            "userId": "[Microsoft Entra object ID or User Prinicpal Name]"
             }
             ```
         You can enter these properties either manually or as dynamic values from previous actions.
@@ -103,11 +103,10 @@ Every logic app connector requires an authentication connection. This new action
 
 Running multiple instances of the entity analyzer at the same time can increase latency for each run. This issue is especially important when you use a **For each** loop in your entity analyzer logic apps, because it can queue multiple analyses at once (for example, multiple users in an incident, multiple incidents triggered at once). 
 
-To prevent timeouts from too many analyses running at once, turn on the **Concurrency control** in the **For each** action. Start by setting the **Degree of parallelism** to `5` and then adjust it as needed based on how the analyzer runs in your organization.
+To prevent timeouts from too many analyses running at once and to avoid hitting the entity analyzer's [preview thresholds](sentinel-mcp-billing.md#microsoft-sentinel-entity-analyzer-tool-1), turn on the **Concurrency control** in the **For each** action. Start by setting the **Degree of parallelism** to `5` and then adjust it as needed based on how often the logic app is triggered in your organization. 
 
 :::image type="content" source="media/sentinel-mcp/logic-app-concurrency.png" alt-text="Screenshot of the logic app loop settings." lightbox="media/sentinel-mcp/logic-app-concurrency.png":::
 
-
 For more information about loops, see [Add loops to repeat actions in workflows for Azure Logic Apps](../../logic-apps/logic-apps-control-flow-loops.md).