Solved: Microsoft Graph Security API Add-on configuration ...

pateriaak · ‎07-14-2020

I have just install Microsoft Graph Security API Add-on and set up Application / Accesses at Azure end, however when I go into the configuration tab to add a new account, I just see a loading scroll and dont see any button to "ADD" account config. Have anyone encounter the same? if so please share how you resolve it.

faizancool85 · ‎07-15-2020

Looks like user running splunkd service doesn't have permission on "TA_microsoft_graph_security_add_on_for_splunk_rh_account.py" script, You can find this script under bin directory of the Graph Security addon.

Hope this solves your question 🙂

View solution in original post

faizancool85 · ‎07-15-2020

I deployed it a couple of weeks back, I didn't face this issue.

What is the core version? Graph API Version? and OS?

pateriaak · ‎07-15-2020

What is the core version? 7.2.9.1

Graph API Version? 1.1.0

and OS? 3.10.0-514.el7.x86_64

faizancool85 · ‎07-15-2020

Looks like user running splunkd service doesn't have permission on "TA_microsoft_graph_security_add_on_for_splunk_rh_account.py" script, You can find this script under bin directory of the Graph Security addon.

Hope this solves your question 🙂

pateriaak · ‎07-15-2020

Thank you, I can see the option in config tab to add a new account.

faizancool85 · ‎07-15-2020

You're welcome! An upvote to the answer would be appreciated 🙂

Microsoft Graph Security API Add-on configuration issue

configuration

installation

Enterprise Security Content Update (ESCU) | New Releases

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

Index This | What are the 12 Days of Splunk-mas?