This document assumes that you have already created the app and registered the app for Transilience to have read only access into Azure. If not , refer to this document. Once the app is created, you need to add permissions for Transilience to access the logs. The below is the summary for logs that are usually needed for compliance -
In summary, you are giving access for Transilience to store, analyze and alert on Defender logs, Entra access logs, Intune logs
Step 1 -
Go to the registered app, which you created already, go to API permissions.
Step 2 -
Add each of the permissions above. Below are couple of examples.
ThreatHunting
Ensure you added below permissions
Save permissions
and Grant permissions
Inform your account manager of your forward deployed engineer that you have given access.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article