Re: Collect AIP data with Splunk Add-On for Micros...

sjcoluccio67 · ‎08-01-2018

Hello,

We want to send Azure Information Protection (AIP) data to Splunk. I have read the Splunk Docs on how to set up the Splunk Add-On for Microsoft Cloud Services to collect data, but it doesn't specify which services within Azure that it can collect data from.

Does anyone know if the add-on can be used to collect from AIP?

tony_melendez · ‎07-08-2020

I too am I trying to onboard Azure Information Protection (AIP) activity & usage logs into Splunk, but I cannot find any detailed instructions for doing so. None of the responses posted here so far seem to apply to this specific data source. Were you able to find a solution?

rkantamaneni_sp · ‎04-25-2019

Hi @sjcoluccio67 ,

In case you haven't found this, here's the link to the doc detailing the API Calls that the SA for MSCS is referencing:

https://docs.splunk.com/Documentation/AddOns/released/MSCloudServices/APIs

This doc also links to the MS API definitions.

deepashri_123 · ‎08-02-2018

Hey@sjcoluccio67,

You can refer this blog:
https://www.splunk.com/blog/2016/03/15/splunking-microsoft-azure-data.html
Also you can use this app:
https://splunkbase.splunk.com/app/3040/

Let me know if this helps!!

How to collect Azure Information Protection data with Splunk Add-On for Microsoft Cloud Services?

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Splunk Community Badges!

How to find the worst searches in your Splunk environment and how to fix them

Share Your Feedback: On Admin Config Service (ACS)!

Join the Conversation