Splunk Add-on for Microsoft Cloud Services: Does t...

chrisbaird · ‎05-22-2017

Hi,

We evaluated the Splunk Add-on for Microsoft Cloud Services some time back, and it was clear that it hooked the various O365 and Azure management and service APIs.

However, Microsoft (MS) offers log aggregation through OMS Log Analytics, which itself has a search API that can consolidate and expose all logs from O365 and Azure.

This means a lot less work on the Splunk side in order to pull logs and events, when using a broad cloud toolset.

Does the add-on have any support for the OMS Log Analytics API? If not, are there plans to add it? Failing that, could a generic REST API add-on provide the same function in order to simply pull all logs and events that are exposed?

Thanks

Chris

jkat54 · ‎10-18-2017

https://splunkbase.splunk.com/app/3764/

Give t a few days for splunk to approve and then check this link.

jkat54 · ‎10-11-2017

No but I’ve got an oms inputs app coming soon. Hang tight it’s going through testing right now.

port7 · ‎02-20-2018

Hi did this OMS input app get done? I want to query OMS, and don't think the Microsoft Cloud Services App does it

jkat54 · ‎02-20-2018

Yes:

https://splunkbase.splunk.com/app/3764/

Splunk Add-on for Microsoft Cloud Services: Does this add-on support Microsoft OMS Log Analytics API (O365 and Azure)?

.conf25 Community Recap

Splunk App Developers | .conf25 Recap & What’s Next

Congratulations to the 2025-2026 SplunkTrust!

Are you a member of the Splunk Community?

Splunk Add-on for Microsoft Cloud Services: Does this add-on support Microsoft OMS Log Analytics API (O365 and Azure)?

.conf25 Community Recap

Splunk App Developers | .conf25 Recap & What’s Next

Congratulations to the 2025-2026 SplunkTrust!