Does anyone know what needed permissions are in Azure for this?
What are you trying to do and I can see what I can find. I have been working on some Sentinel workflows myself.
I want to either run a saved query and process the results, or have the query generate a Sentinel Alert, that I can pull the results and process. I’m looking fo something similar to the Splunk Query Action.
Haven’t had much luck tracking down permissions required. I will let you know what I find if I come across anything specific.