Use Splunk to Collect Logs from Office 365 and Azure AD
Рет қаралды 23,428
Күн бұрынSplunk is a leading log management solution used by many organizations. This video explains how to send log data from Azure AD and O365 platforms to Splunk. The O365 data includes Azure AD Audit and Login activity, Exchange Online, SharePoint, Teams, and OneDrive.
For a written version see my blog at www.ciraltos.com/use-splunk-t...
The Microsoft 365 App for Splunk requirements can be found here:
splunkbase.splunk.com/app/3786/
@txgoalie15 3 жыл бұрын
The instructions from Splunk were lacking. This got me where I needed to go. Thanks!
@Ciraltos 3 жыл бұрын
Glad I could help!
@FracturesHD 3 жыл бұрын
It seems like the documentation from Splunk is always lacking. Glad I'm not the only one who thinks this.
@ashleyhammond7564 3 жыл бұрын
Travis is a legend. His youtube content is so good that i went and purchased his WVD coarse and it was worth every penny!!
@Ciraltos 3 жыл бұрын
Thank you!
@stefanspinu5381 4 жыл бұрын
I feel like these videos will be very useful for people over the long haul, even though the UI will most likely change. Great job!
@bettycole9233 3 жыл бұрын
@Darkteckh on telegram is a real vendor I can’t believe my eyes that man too real Go on his telegram He sell credit card with high balance💦
@alfonsorodriguez5449 4 жыл бұрын
Totally impressed for the completeness of this video, super useful, Thanks !
@Ciraltos 4 жыл бұрын
Great to hear!
@bettycole9233 3 жыл бұрын
@Darkteckh on telegram is a real vendor I can’t believe my eyes that man too real Go on his telegram He sell credit card with high balance💦
@princysamuel2914 3 жыл бұрын
Thankyou Travis.Very very useful video. Step by step explanation helped me understand the complete setup.
@Ciraltos 3 жыл бұрын
Glad it helped!
@gnanaraja5277 4 жыл бұрын
Thanks a lot for the Video Travis. It helped me to implement the same. Keep up the good work!!
@bettycole9233 3 жыл бұрын
@Darkteckh on telegram is a real vendor I can’t believe my eyes that man too real Go on his telegram He sell credit card with high balance💦
@dn8153 3 жыл бұрын
A great video is so much easier to follow then documentation. This indeed is a great video. Well done!
@Ciraltos 3 жыл бұрын
Glad it was helpful!
@TheNinetyEagle Жыл бұрын
Thank you this helped me a lot :)
@GoFancy101 2 жыл бұрын
Thank you for the information
@akankshasagar5553 3 жыл бұрын
Very useful! Thank you for sharing it ..keep up the good work.
@Ciraltos 3 жыл бұрын
Glad it was helpful!
@JMANGRUNT Жыл бұрын
I think the process may have changed a bit with newer versions of the add-on, now you need to get most of the api permissions from the microsoft graph api.
@GOATTIGER3 2 жыл бұрын
Thanks for posting this video. It is really useful. Does this add-on pull info from defender portal? Thanks!
@markrawson1435 2 жыл бұрын
hello Travis, can you add a video on how to setup splunk with event hub or azure log analytics
@sigitsuryana6399 4 жыл бұрын
hi sir, thanks you help me a lot ...
@Ciraltos 4 жыл бұрын
Happy to help
@imadtakrouri8747 3 жыл бұрын
when request API permission we cannot see Activity reports, threat Intelligence, could you help me please
@rohitnikam6089 4 жыл бұрын
I am working on installing Microsoft teams add on for splunk since its a pre-requisite for Microsoft office 365 app for Splunk. I am having issue with Webhook for Teams Add-On. Have you ever tried collecting logs for Microsoft Teams?
@Ciraltos 4 жыл бұрын
Sorry, I haven't tried that one.
@jwkriewall5610 3 жыл бұрын
Would this method work with powerApps?
@kundankumarsaraf3563 15 күн бұрын
Useful video. Thanks.
@larryharris2428 4 жыл бұрын
In my azure AD admin center unter my splunklogs app, when setting the Office 365 Management APIs, I only see ActivityFeed and ServiceHealth, the ActivityReports and ThreatIntelligence do not Show up for me. Do you have any clue as to why it would be like this in my portal?
@historyisgonnachange 3 жыл бұрын
I have the same issue. Did you ever figure out why?
@itistheway6893 4 жыл бұрын
Thank you for creating this. Trying to decipher steps from Splunk and Microsoft's documentation is impossible.
@Ciraltos 4 жыл бұрын
You're very welcome!
@hatbeardx 4 жыл бұрын
100% it was all nonsense but this made it easy
@pradnyakamble5950 3 жыл бұрын
Hey the link for the blog is not working
@Ciraltos 3 жыл бұрын
I got a 404 error trying to access the page, did a search and found it with the same link, odd. If it’s still a problem, go to splunkbase.splunk.com search for Microsoft 365 App, it’s the “Microsoft 365 App for Splunk".
@pradnyakamble5950 3 жыл бұрын
Not for the app It's for the blog I am talking
@smartmiran 3 жыл бұрын
The way you don't or can't keep eye contact with audience does not make me want to ingage. The video was very interesting though. Thanks
QAZSPORT TV / ҚАЗСПОРТ TV
Рет қаралды 550 М.
Black Hills Information Security
Рет қаралды 4 М.
Log Analysis with Splunk | How to use Splunk to analyse a Real time Log | Splunk Use Cases | Edureka
edureka!
Рет қаралды 123 М.
John Savill's Technical Training
Рет қаралды 214 М.
CyberSatrix
Рет қаралды 11 М.
Bikash's Tech
Рет қаралды 4,9 М.
Office365Concepts
Рет қаралды 12 М.
Buy Smart┃Магазин ноутбуков
Рет қаралды 1,6 МЛН
LED Screen Factory-EagerLED
Рет қаралды 5 МЛН
KingStore_astrakhan
Рет қаралды 4,1 МЛН