Hi everyone, is there an official document for the necessary api permissions? Or does anyone know about these permissions? Thank you
@matteosplunk This app does not need any api permission. It only provides Dashboards based on following Add-ons:
Splunk Add-on for Microsoft Office 365 - https://splunkbase.splunk.com/app/4055/
Splunk Add-on for Microsoft Security - https://splunkbase.splunk.com/app/6207/
Microsoft 365 Reporting Add-on for Splunk - https://splunkbase.splunk.com/app/3720/
Microsoft Teams Add-on for Splunk - https://splunkbase.splunk.com/app/4994/
What kind of data do you wanna onboard?
Hi
Paul Panther
Thank you for your answer.
I need to inboard data from Microsoft Defender / Threat Explorer
@matteosplunk Then you have to install Splunk Add-on for Microsoft Security | Splunkbase on your data collection node.
The documentation can be found here About the Splunk Add-on for Microsoft Security - Splunk Documentation
