All Apps and Add-ons

Is the Splunk Addon for Microsoft Azure compatible with China Azure?

Splunk Employee
Splunk Employee

A China Azure customer wants to pull data out with Splunk Addon for Microsoft Azure from China Azure, but always failed. There is a log in the _internal log:

…ERROR ExecProcessor - message from ""C:\Program Files\Splunk\etc\apps\SplunkAzure\bin\SplunkAzure.exe"" An error occurred while processing this request.

I am sure the Azure account and key are right because I can query tables successfully via Azure Storage Explorer for China ( ), yes, there is another edition for Global Azure ( ). I guess the Azure addon might use the Global Azure’s codes, so I would like to confirm this app is only compatible with Global Azure or both?

Thanks a lot.

0 Karma

Splunk Employee
Splunk Employee

The old Windows-only add-on referenced in original question has been pulled down. Take a look at the new cross-platform Splunk Add-on for Microsoft Azure which pulls data from Azure Storage API using Azure Storage Python SDK.

Among others, the Add-on leverages TableService and BlockBlobService which use endpoint for Azure cloud. You'll need to set endpoint_suffix to endpoint to access Azure China cloud instead.

0 Karma


From my experience, this plugin does not currently support Azure China. I've coded an application of my own that targets Azure storage - the same API can be used for both Global Azure and China Azure. However, there is one value you need to change.

Example working with Blobs from the Azure Python SDK, should be quite similar for Table Storage:

Global Azure: blob_service = BlobService(account_name="my storage account", account_key="my account key", host_base="")
Azure China: blob_service = BlobService(account_name="my storage account", account_key="my account key", host_base="")

This plugin no longer seems to be under active development. However, this would be a very easy item to make configurable if the developer were to pick it back up.

0 Karma
Get Updates on the Splunk Community!

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

(view in My Videos)Struggling with alert fatigue, lack of context, and prioritization around security ...

Troubleshooting the OpenTelemetry Collector

  In this tech talk, you’ll learn how to troubleshoot the OpenTelemetry collector - from checking the ...

Adoption of Infrastructure Monitoring at Splunk

  Splunk's Growth Engineering team showcases one of their first Splunk product adoption-Splunk Infrastructure ...