Enable Analytics on Microsoft Graph Security

Microsoft Graph Security is an external data source that aggregates data from multiple security providers. It also provides access to the user inventory data.

Citrix Analytics currently supports the following security providers from Microsoft Graph Security:

  • Azure AD identity protection
  • Windows Defender ATP

For more information on the security providers, see the following links:

To onboard the Microsoft Graph Security data source, you need to obtain the required permissions on behalf of a tenant, from the Microsoft identity platform.

Prerequisites

Before you begin onboarding the Microsoft Graph Security data source, ensure that:

  • The administrator is using the Azure AD Identity Protection (part of Azure AD Premium P2) security provider.

  • The end user is signed in to Microsoft Store with Work or School accounts.

Onboarding Microsoft Graph Security instances

  1. Go to Settings > Data Sources and then navigate to EXTERNAL DATA SOURCES.

  2. Click the plus (+) sign on the Microsoft Graph Security site card. You get redirected to the authorize endpoint.

    MSG Onboarding

  3. On the Microsoft window, sign in using your Azure logon credentials to register an account. Or, select an existing account.

  4. Click Next.

    MSG Onboarding

  5. Click Accept. You get redirected to the Data Sources page. The Microsoft Graph Security data source is now linked to your Citrix Cloud account.

    MSG Onboarding

Turn on or turn off data processing

To turn off data processing, click the vertical ellipsis (⋮) on the site card and select Turn off data processing. It stops Citrix Analytics from processing data for this data source.

You can turn on data processing again by selecting Turn On Data Processing on the site card.

MSG Onboarding

For information on Microsoft Graph Security risk indicators, see Microsoft Graph Security risk indicators.

Enable Analytics on Microsoft Graph Security