You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/sentinel/datalake/identity-attack-graph.md
+2-2Lines changed: 2 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -41,7 +41,7 @@ You can query the graph to:
41
41
To set up the identity attack graph, make sure you meet the following prerequisites:
42
42
43
43
- Microsoft Sentinel data lake enabled in your environment
44
-
- Permissions to turn on or update the **Microsoft Entra ID Assets** and **Azure Resource Graph connectors**
44
+
-[Permissions](/azure/sentinel/datalake/enable-data-connectors#required-permissions-for-asset-sources) to turn on or update the **Microsoft Entra ID Assets** and **Azure Resource Graph connectors**
45
45
- Global Administrator, Security Administrator to create the graph
46
46
47
47
## Set up the identity attack graph
@@ -74,7 +74,7 @@ Follow these steps to query the graph when the graph is ready to use:
74
74
:::image type="content" source="./media/identity-attack-graph/predefined-query.png" alt-text="Screenshot showing the predefined query on the graph" lightbox="./media/identity-attack-graph/predefined-query.png":::
75
75
76
76
> [!NOTE]
77
-
> It's recommended that you start with the predefined queries, which is designed to surface common and high‑value investigation scenarios. These queries help you get immediate value without writing GQL from scratch.
77
+
> It's recommended that you start with the predefined queries, which are designed to surface common and high‑value investigation scenarios. These queries help you get immediate value without writing GQL from scratch.
0 commit comments