Microsoft Office 365 Data
The Splunk Add-on for Microsoft Office 365 is required to pull service status, service messages, management activity logs, and Message Trace data (Message Trace is available from Add-on version 4.2.0) from the Office 365 Management API.
Splunkbase Download: https://splunkbase.splunk.com/app/4055
Installation and Configuration Guide: https://docs.splunk.com/Documentation/AddOns/released/MSO365/Installationsteps
Required inputs to configure (if an input has a “Content Type” dropdown, create one input for each Content Type):
- Management Activity
- Message Trace
- Service Health & Communications
- Cloud Application Security
- Audit Logs
Note: Configure the index value for Office 365 Data under the Data Source Macros section in Cyences’ Configuration page.