All Apps and Add-ons
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
- Find Answers
- :
- Apps & Add-ons
- :
- All Apps and Add-ons
- :
- Re: Microsoft Teams AddOn and Splunk Cloud
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
jasonabbott
Explorer
06-29-2020
12:13 PM
Hi, I'm trying to configure the Teams Add-on for Splunk (https://splunkbase.splunk.com/app/4994) on Splunk Cloud and I have gotten the UserReport working just fine, but none of the other data works. I have created a WebHook pointing to idm-xx.splunkcloud.com to ingest the CDR data, but I have received no traffic into it.
I've granted all the privileges to the Azure App that are called for in the detailed directions.
In fact, nothing but the User Reports are working. Is there a step I'm missing?
1 Solution
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
jasonabbott
Explorer
07-01-2020
05:00 AM
I got it resolved; apparently I need to learn to read better :). You can't install the Add-on in Splunk Cloud, it has to be on a heavy forwarder. Once I did that and fixed the webhook (details here: https://community.splunk.com/t5/All-Apps-and-Add-ons/Ingesting-logs-from-Microsoft-Teams/m-p/506860/...), everything is working fine! Thanks!
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
jasonabbott
Explorer
07-01-2020
05:00 AM
I got it resolved; apparently I need to learn to read better :). You can't install the Add-on in Splunk Cloud, it has to be on a heavy forwarder. Once I did that and fixed the webhook (details here: https://community.splunk.com/t5/All-Apps-and-Add-ons/Ingesting-logs-from-Microsoft-Teams/m-p/506860/...), everything is working fine! Thanks!
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
biagiodipalma
Explorer
04-23-2021
12:37 AM
How do you extract fields at search time if the app is not installed in Splunk Cloud instance?
I'm trying to ingest data from teams: my architecture has heavy forwarders that send data to Splunk Cloud.
Does the HF index data before sending to cloud?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Bodach
Observer
05-17-2021
03:11 AM
The app can still be installed on the Splunk Cloud search head for the search time knowledge etc. You just can't use the webhook.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
biagiodipalma
Explorer
05-17-2021
05:19 AM
In the end I had to edit the app manually because it was not accepted by Splunk AppInspect: I know that the app is useful for search time knowledge etc, but it's not compliant.
This is my solution.
Get Updates on the Splunk Community!
See your relevant APM services, dashboards, and alerts in one place with the updated ...
As a Splunk Observability user, you have a lot of data you have to manage, prioritize, and troubleshoot on a ...
Index This | What goes away as soon as you talk about it?
May 2025 Edition
Hayyy Splunk Education Enthusiasts and the Eternally Curious!
We’re back with this month’s ...
What's New in Splunk Observability Cloud and Splunk AppDynamics - May 2025
This month, we’re delivering several new innovations in Splunk Observability Cloud and Splunk AppDynamics ...
