You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/sentinel/connect-azure-information-protection.md
+11-8Lines changed: 11 additions & 8 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -13,7 +13,7 @@ ms.devlang: na
13
13
ms.topic: conceptual
14
14
ms.tgt_pltfrm: na
15
15
ms.workload: na
16
-
ms.date: 09/20/2019
16
+
ms.date: 09/24/2019
17
17
ms.author: cabailey
18
18
19
19
---
@@ -52,19 +52,22 @@ However, if logging information from Azure Information Protection is going to a
52
52
53
53
## Connect to Azure Information Protection
54
54
55
-
Use the following instructions if you haven't configured a Log Analytics workspace for Azure Information Protection, or you need to change the workspace that stores the Azure Information Protection logging information.
55
+
> [!IMPORTANT]
56
+
> The Azure Information Protection data connector in Azure Sentinel is currently in public preview.
57
+
> This feature is provided without a service level agreement, and it's not recommended for production workloads. Certain features might not be supported or might have constrained capabilities.
58
+
> For more information, see [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/).
56
59
57
-
1. In Azure Sentinel, select **Data connectors**, and then **Azure Information Protection**.
60
+
Use the following instructions if you haven't configured a Log Analytics workspace for Azure Information Protection, or you need to change the workspace that stores the Azure Information Protection logging information.
58
61
59
-
2. On the **Azure Information Protection** blade, select **Open connector page**.
62
+
1. In Azure Sentinel, select **Data connectors**, and then **Azure Information Protection (Preview)**.
60
63
61
-
3. On the next blade, in the **Configuration** section, select **Azure Information Protection** to go to **Azure Information Protection analytics**.
64
+
2. Select **Open connector page**.
62
65
63
-
4. From the list of available workspaces, select the workspace that you're currently using for Azure Sentinel. If you select a different workspace, the reporting data from Azure Information Protection won't be available to Azure Sentinel.
66
+
3. On the **Configure analytics (Preview)** blade, select the workspace that you're currently using for Azure Sentinel. If you select a different workspace, the reporting data from Azure Information Protection won't be available to Azure Sentinel.
64
67
65
-
5. When you have selected a workspace, select **OK** and the connector **STATUS** should now change to **Connected**.
68
+
4. When you have selected a workspace, select **OK** and the connector **STATUS** should now change to **Connected**.
66
69
67
-
6. The reporting data from Azure Information Protection is stored in the **InformationProtectionLogs_CL** table within the selected workspace.
70
+
5. The reporting data from Azure Information Protection is stored in the **InformationProtectionLogs_CL** table within the selected workspace.
68
71
69
72
To use the relevant schema in Azure Monitor for this reporting data, search for **InformationProtectionEvents**. For information about these event functions, see the [Friendly schema reference for event functions](https://docs.microsoft.com/azure/information-protection/reports-aip#friendly-schema-reference-for-event-functions) section from the Azure Information Protection documentation.
0 commit comments