Assign the Role of Microsoft Sentinel Contributor

Required User Role: Basic User
Note: The Tenable integration with Microsoft Sentinel works with a Basic User if that user is assigned Can View permissions on the assets they are to export, along with Can Use permissions on tags the assets are assigned. Without the Can Use tag permissions, the assets return undefined or the integration fails to export vulnerabilities if a tag filter is used. For more information on Tenable Vulnerability Management permissions and user roles, refer to Permissions in the Tenable Developer Portal.

Before you begin:

• You must Install the Tenable App for Microsoft Sentinel

To assign the role of Microsoft Sentinel Contributor to an application in Microsoft Entra ID:

1. In the Azure portal, navigate to Resource Group and select your resource group.

2. In the left menu, click Access control (IAM).

3. Click Add.

4. Select Add role assignment.

5. Select Microsoft Sentinel Contributor.

6. Click Next.

7. In Assign access to, select either User, Group, or Service Principal.

8. Click Add members.

9. Type the name of the application you created, and select it.

10. Click Review + assign.

    A new window appears.

11. In the new window, again click Review + assign.

Note: For more information, refer to the Microsoft documentation.

Continue installing the Tenable App for Microsoft Sentinel

1. Create the Log Analytics Workspace

2. Onboard Microsoft Sentinel to Defender

3. Add the Tenable App to Microsoft Sentinel