Join the Conversation
- Find Answers
- :
- Apps & Add-ons
- :
- All Apps and Add-ons
- :
- All Apps and Add-ons
- :
- Re: Microsoft Office 365 Reporting Add-on for Splu...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I am continually getting a 404 Client error for bad request due to the start and end dates being past 7 days. The app works when I Index Once but as soon as I enable continuous monitor and add a day within 7 days from today I get the following error: ExecProcessor - message from "python /opt/splunk/etc/apps/TA-MS_O365_Reporting/bin/ms_o365_message_trace.py" HTTP Request error: 400 Client Error: Bad Request for url: https://reports.office365.com/ecp/reportingwebservice/reporting.svc/MessageTrace?$filter=StartDate%2...'
I have the following settings for the app: Interval=180 Query Window size= 30 Delay throttle=32 and Start date/time= 2019-05-10T09:00:00.
I checked the local directory as well to verify these setting are in the input.conf file.
Why does the error show a date of 2018? Is there another place I should check for the start/end date?
Thanks!
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
We had to create another Input to resolve the issue. However, using the clone feature migrated the issue over to the cloned input as well so while the new input contains the same information it had to be built manually.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
We had to create another Input to resolve the issue. However, using the clone feature migrated the issue over to the cloned input as well so while the new input contains the same information it had to be built manually.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Have you found a solution to this? We are having major issues with our inputs randomly stopping as well. I'm seeing a lot of 400 Client Errors.
Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!
Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.
Index This | What travels the world but is also stuck in place?
Discover New Use Cases: Unlock Greater Value from Your Existing Splunk Data
Continue Your Journey: Join Session 2 of the Data Management and Federation Bootcamp ...
