You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
-[Visual Studio Code](sentinel-mcp-use-tool-visual-studio-code.md)
31
31
32
+
> [!IMPORTANT]
33
+
> Access to Sentinel MCP tools is supported for users, managed identities, or service principals that are assigned with ***at least*** any of the following roles:
34
+
> - Security Administrator
35
+
> - Security Operator
36
+
> - Security Reader
37
+
32
38
## Add the data exploration collection
33
39
34
40
To add the data exploration collection, first set up Microsoft Sentinel's unified MCP server interface. Follow the step-by-step instructions for compatible [AI-powered code editors and agent-building platforms](sentinel-mcp-get-started.md#add-microsoft-sentinels-collection-of-mcp-tools).
@@ -78,6 +84,14 @@ For example, `analyze_user_entity` reasons over the user's authentication patter
78
84
79
85
Entity analysis tools might require a few minutes to generate results, so there are tools to start analysis for each entity and another one that polls for the analysis results.
80
86
87
+
> [!IMPORTANT]
88
+
> To use the entity analyzer tool, you also need the following roles:
89
+
> -**Security Copilot Contributor** – This role is required to use the tool, which consumes Security Compute Units (SCUs) to deliver reasoned entity risk analysis.
90
+
> -**Security Copilot Owner** (optional) – This role is only required to view and monitor SCU usage.
91
+
>
92
+
> For more information, see [Understand authentication in Microsoft Security Copilot](/copilot/security/authentication).
93
+
94
+
81
95
#### Start analysis (`analyze_user_entity` and `analyze_url_entity`)
![prmerger-automator[bot]](https://avatars.githubusercontent.com/u/22479449?v=4&size=40){kind=avatar}
0 commit comments