Product Documentation

Enable Analytics on Microsoft Security Graph

Microsoft Security Graph is an external data source that aggregates data from multiple security providers. It also provides access to the user inventory data.

Citrix Analytics currently supports the following security providers from Microsoft Security Graph:

  • Azure AD identity protection
  • Windows Defender ATP

For more information on the security providers, see the following links:

To onboard the Microsoft Security Graph data source, you need to obtain the required permissions on behalf of a tenant, from the Microsoft identity platform.

Prerequisites

Before you begin onboarding the Microsoft Security Graph data source, ensure that:

  • The administrator is using the Azure AD Identity Protection (part of Azure AD Premium P2) security provider.

  • The end user is signed in to Microsoft Store with Work or School accounts.

Onboarding Microsoft Security Graph instances

You can onboard the Microsoft Security Graph data source by following the steps mentioned below:

  1. Go to Settings > Data Sources and then navigate to EXTERNAL DATA SOURCES.

  2. Click the plus (+) sign on the Microsoft Security Graph site card. You get redirected to the authorize endpoint.

    MSG Onboarding

  3. On the Microsoft window, sign in using your Azure logon credentials to register an account. Or, select an existing account.

  4. Click Next.

    MSG Onboarding

  5. Click Accept. You get redirected to the Data Sources page. The Microsoft Security Graph data source is now linked to your Citrix Cloud account.

    MSG Onboarding

Turn on or turn off data processing

To turn off data processing, click the vertical ellipsis (⋮) on the site card and select Turn off data processing. This stops Citrix Analytics from processing data for this data source.

You can turn on data processing again by selecting Turn On Data Processing on the site card.

MSG Onboarding

Enable Analytics on Microsoft Security Graph