Update connect-azure-active-directory.md

Author: guywi-ms

articles/sentinel/connect-azure-active-directory.md

@@ -21,21 +21,21 @@ This table lists the logs you can send from Microsoft Entra ID to Microsoft Sent
 
 | **Log type** | **Log description** | **Log schema** | **Supports Basic and Auxiliary plans?** |
 |--------------|-----------------------------------|----------------|----------------------------------------|
-| [**Audit logs**](../active-directory/reports-monitoring/concept-audit-logs.md) | System activity related to user and group management, managed applications, and directory activities. | [AuditLogs](/azure/azure-monitor/reference/tables/auditlogs) | ✅ |
+| [**Audit logs**](../active-directory/reports-monitoring/concept-audit-logs.md) | System activity related to user and group management, managed applications, and directory activities. | [AuditLogs](/azure/azure-monitor/reference/tables/auditlogs) |  |
 | [**Sign-in logs**](../active-directory/reports-monitoring/concept-all-sign-ins.md) | Interactive user sign-ins where a user provides an authentication factor. | [SigninLogs](/azure/azure-monitor/reference/tables/signinlogs) | ✅ |
 | [**Non-interactive user sign-in logs**](../active-directory/reports-monitoring/concept-all-sign-ins.md#non-interactive-user-sign-ins) | Sign-ins performed by a client on behalf of a user without any interaction or authentication factor from the user. | [AADNonInteractiveUserSignInLogs](/azure/azure-monitor/reference/tables/aadnoninteractiveusersigninlogs) | ✅ |
 | [**Service principal sign-in logs**](../active-directory/reports-monitoring/concept-all-sign-ins.md#service-principal-sign-ins) | Sign-ins by apps and service principals that don't involve any user. In these sign-ins, the app or service provides a credential on its own behalf to authenticate or access resources. | [AADServicePrincipalSignInLogs](/azure/azure-monitor/reference/tables/aadserviceprincipalsigninlogs) | ✅ |
 | [**Managed Identity sign-in logs**](../active-directory/reports-monitoring/concept-all-sign-ins.md#managed-identity-for-azure-resources-sign-ins) | Sign-ins by Azure resources that have secrets managed by Azure. For more information, see [What are managed identities for Azure resources?](../active-directory/managed-identities-azure-resources/overview.md). | [AADManagedIdentitySignInLogs](/azure/azure-monitor/reference/tables/aadmanagedidentitysigninlogs) | ✅ |
-| [**AD FS sign-in logs**](/entra/identity/monitoring-health/concept-usage-insights-report#ad-fs-application-activity) | Sign-ins performed through Active Directory Federation Services (AD FS). | [ADFSSignInLogs](/azure/azure-monitor/reference/tables/adfssigninlogs) |  |
+| [**AD FS sign-in logs**](/entra/identity/monitoring-health/concept-usage-insights-report#ad-fs-application-activity) | Sign-ins performed through Active Directory Federation Services (AD FS). | [ADFSSignInLogs](/azure/azure-monitor/reference/tables/adfssigninlogs) | ✅ |
 | [**Enriched Office 365 audit logs**](/entra/global-secure-access/how-to-view-enriched-logs) | Security events related to Microsoft 365 apps. | [EnrichedOffice365AuditLogs](/azure/azure-monitor/reference/tables/enrichedmicrosoft365auditlogs) |  |
-| [**Provisioning logs**](../active-directory/reports-monitoring/concept-provisioning-logs.md) | System activity information about users, groups, and roles provisioned by the Microsoft Entra provisioning service. (**PREVIEW**) | [AADProvisioningLogs](/azure/azure-monitor/reference/tables/aadprovisioninglogs) | ✅ |
+| [**Provisioning logs**](../active-directory/reports-monitoring/concept-provisioning-logs.md) | System activity information about users, groups, and roles provisioned by the Microsoft Entra provisioning service. (**PREVIEW**) | [AADProvisioningLogs](/azure/azure-monitor/reference/tables/aadprovisioninglogs) |  |
 | [**Microsoft Graph activity logs**](/graph/microsoft-graph-activity-logs-overview) | HTTP requests accessing your tenant’s resources through the Microsoft Graph API. | [MicrosoftGraphActivityLogs](/azure/azure-monitor/reference/tables/microsoftgraphactivitylogs) | ✅ |
 | [**Network access traffic logs**](/entra/global-secure-access/how-to-view-traffic-logs) | Network access traffic and activities. | [NetworkAccessTraffic](/azure/azure-monitor/reference/tables/networkaccesstraffic) |  |
 | [**Remote network health logs**](/entra/global-secure-access/how-to-remote-network-health-logs?tabs=microsoft-entra-admin-center) | Insights into the health of remote networks. | [RemoteNetworkHealthLogs](/azure/azure-monitor/reference/tables/remotenetworkhealthlogs) |  |
-| [**User risk events**](/entra/id-protection/howto-identity-protection-investigate-risk?branch=main#risk-detections-report) | User risk events generated by Microsoft Entra ID Protection. | [AADUserRiskEvents](/azure/azure-monitor/reference/tables/aaduserriskevents) | ✅ |
-| [**Risky users**](/entra/id-protection/howto-identity-protection-investigate-risk#risky-users-report) | Risky users logged by Microsoft Entra ID Protection. | [AADRiskyUsers](/azure/azure-monitor/reference/tables/aadriskyusers) | ✅ |
-| [**Risky service principals**](/entra/id-protection/howto-identity-protection-investigate-risk?branch=main#risk-detections-report) | Information about service principals flagged as risky by Microsoft Entra ID Protection. | [AADRiskyServicePrincipals](/azure/azure-monitor/reference/tables/aadriskyserviceprincipals) | ✅ |
-| [**Service principal risk events**](/entra/id-protection/howto-identity-protection-investigate-risk#risky-users-report) | Risk detections associated with service principals logged by Microsoft Entra ID Protection. | [AADServicePrincipalRiskEvents](/azure/azure-monitor/reference/tables/aadserviceprincipalriskevents) | ✅ |
+| [**User risk events**](/entra/id-protection/howto-identity-protection-investigate-risk?branch=main#risk-detections-report) | User risk events generated by Microsoft Entra ID Protection. | [AADUserRiskEvents](/azure/azure-monitor/reference/tables/aaduserriskevents) |  |
+| [**Risky users**](/entra/id-protection/howto-identity-protection-investigate-risk#risky-users-report) | Risky users logged by Microsoft Entra ID Protection. | [AADRiskyUsers](/azure/azure-monitor/reference/tables/aadriskyusers) |  |
+| [**Risky service principals**](/entra/id-protection/howto-identity-protection-investigate-risk?branch=main#risk-detections-report) | Information about service principals flagged as risky by Microsoft Entra ID Protection. | [AADRiskyServicePrincipals](/azure/azure-monitor/reference/tables/aadriskyserviceprincipals) |  |
+| [**Service principal risk events**](/entra/id-protection/howto-identity-protection-investigate-risk#risky-users-report) | Risk detections associated with service principals logged by Microsoft Entra ID Protection. | [AADServicePrincipalRiskEvents](/azure/azure-monitor/reference/tables/aadserviceprincipalriskevents) |  |
 
 > [!IMPORTANT]
 > Some of the available log types are currently in **PREVIEW**. See the [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) for other legal terms that apply to Azure features that are in beta, preview, or otherwise not yet released into general availability.