Microsoft Azure

Getting Microsoft Azure data into the Splunk platform

800px-Azure_-_GDI_Splunk_Cloud

MS Office 365

Configure an integration application in Microsoft Entra ID (Azure AD) for the Splunk Add-on for Microsoft Office 365

Configure a Tenant in the Splunk Add-on for Microsoft Office 365

Grant tenant-wide admin consent to an application

Register a Microsoft Entra app and create a service principal

Step 1
- Go to admin.microsoft.com.
- On the left blade click on show all
- Navigate to Security, then click on search, under search click on Audit log search, Turn on auditing 

Step 2
- Kindly go to Azure portal, navigate to app registration, go to API permission, click add permission.
- Scroll down and look for Office 365 Management APIs, click on application permission, select all of the permissions and grant the admin consent.

Windows Console

How to Determine What Just Ran on Windows Console

PreviousFortiGateNextMicrosoft Windows

Last updated