You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/sentinel/sap/deploy-data-connector-agent-container.md
+20-2Lines changed: 20 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -5,7 +5,7 @@ author: batamig
5
5
ms.author: bagol
6
6
ms.topic: how-to
7
7
ms.custom: devx-track-azurecli
8
-
ms.date: 10/28/2024
8
+
ms.date: 05/26/2025
9
9
appliesto:
10
10
- Microsoft Sentinel in the Microsoft Defender portal
11
11
- Microsoft Sentinel in the Azure portal
@@ -48,6 +48,9 @@ Before you connect your SAP system to Microsoft Sentinel:
48
48
49
49
- Make sure that all of the deployment prerequisites are in place. For more information, see [Prerequisites for deploying Microsoft Sentinel solution for SAP applications](prerequisites-for-deploying-sap-continuous-threat-monitoring.md).
50
50
51
+
> [!IMPORTANT]
52
+
> If you're working with the agentless data connector, you need the **Entra ID Application Developer** role or higher to successfully deploy the relevant Azure resources. If you don't have this permission, work with a colleague that has the permission to complete the process. For the full procedure, see the [connect the agentless data connector](#connect-your-agentless-data-connector-limited-preview) step.
53
+
51
54
- Make sure that you have the Microsoft Sentinel solution for **SAP applications**[installed in your Microsoft Sentinel workspace](deploy-sap-security-content.md)
52
55
53
56
- Make sure that your SAP system is fully [prepared for the deployment](preparing-sap.md).
@@ -336,7 +339,22 @@ At this stage, the system's **Health** status is **Pending**. If the agent is up
336
339
337
340
1. In Microsoft Sentinel, go to the **Configuration > Data connectors** page and locate the **Microsoft Sentinel for SAP - agent-less (Preview)** data connector.
338
341
339
-
1. In the **Configuration** area, scroll down and select **Add SAP client**.
342
+
1. In the **Configuration** area, expand step **1. Trigger automatic deployment of required Azure resources / SOC Engineer**, and select **Deploy required Azure resources**.
343
+
344
+
> [!IMPORTANT]
345
+
> If you don't have the **Entra ID Application Developer** role or higher, and you select **deploy required Azure resources**, an error message is displayed, for example: "Deploy required azure resources" (errors may vary). This means that the data collection rule (DCR) and data collection endpoint (DCE) were created, but you need to ensure that your Entra ID app registration is authorized. Continue to set up the correct authorization.
346
+
347
+
1. Do one of the following:
348
+
- If you have the **Entra ID Application Developer** role or higher, continue to the next step.
349
+
- If you don't have the **Entra ID Application Developer** role or higher:
350
+
- Share the DCR ID with your Entra ID administrator or colleague with the required permissions.
351
+
- Retrieve the client ID and client secret from the Entra ID app registration to use for authorization on the DCR. The SAP admin uses this information to post to the DCR.
352
+
- Ensure that the **Monitoring Metrics Publishing** role is assigned on the DCR, with the service principal assignment, using the client ID from the Entra ID app registration.
353
+
354
+
> [!NOTE]
355
+
> If you're a SAP administrator and don't have access to the connector installation, download the [integration package](https://aka.ms/SAPAgentlessPackage) directly.
356
+
357
+
1. Scroll down and select **Add SAP client**.
340
358
341
359
1. In the **Connect to an SAP Client** side pane, enter the following details:
Copy file name to clipboardExpand all lines: articles/sentinel/sap/sap-deploy-troubleshoot.md
+7-1Lines changed: 7 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -4,7 +4,7 @@ description: Learn how to troubleshoot specific issues that might occur in your
4
4
author: batamig
5
5
ms.author: bagol
6
6
ms.topic: troubleshooting
7
-
ms.date: 11/07/2024
7
+
ms.date: 05/26/2025
8
8
appliesto:
9
9
- Microsoft Sentinel in the Microsoft Defender portal
10
10
- Microsoft Sentinel in the Azure portal
@@ -39,6 +39,12 @@ Some legacy SAP systems may be missing required functionality for the **RFC_READ
39
39
40
40
For more information, see [Configure SAP Cloud Connector settings](preparing-sap.md#configure-sap-cloud-connector-settings).
41
41
42
+
## "Deploy required azure resources" error when setting up the data connector
43
+
44
+
When you set up the Microsoft Sentinel for SAP - agentless data connector, under the **Initial connector configuration > Step 1: Trigger automatic deployment of required Azure resources / SOC Engineer**, after you select **Deploy required resources**, you might see the "Deploy required azure resources" error or similar (errors may vary). This error might indicate that you're missing the required permissions for the Entra ID app registration.
45
+
46
+
If you don't have the **Entra ID Application Developer** role or higher, you need to work with a colleague that has this permission to finish setting up the Azure resources. For more information, follow the procedure in the [data connector agent connection](deploy-data-connector-agent-container.md#connect-your-agentless-data-connector-limited-preview) step.
47
+
42
48
## Missing "Last address routed"
43
49
44
50
If you see an error in the security audit log that you're missing the last address routed (an IP address), follow the guidance in the SAP note 3566290.
![prmerger-automator[bot]](https://avatars.githubusercontent.com/u/22479449?v=4&size=40){kind=avatar}
0 commit comments