All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Splunk Add-on for Microsoft Cloud Services: NO Azure Audit logs.

Mkat1
New Member
‎04-24-2017 06:57 AM

Hi,
I created Azure Audit input. I have no logs when I open 'Search tab' and search for logs by index(specified when creating Audit input).
User which I use in 'Azure App Account' is Global administrator in azure.

What I'm doing wrong?

0 Karma
Reply

martaBenedetti
Path Finder
‎10-25-2022 06:04 AM

Hi,

I have the same issue: have you ever solved the problem?

 

Thanks

Marta

0 Karma
Reply

Bloodnite
Path Finder
‎11-08-2017 06:00 AM

I had to have our Azure admin enter his creds while remoted into my pc when I was setting up the app's configs/API integrations when it prompted to sign in after setting the API key etc for the app to use.

0 Karma
Reply

milshtyn
New Member
‎10-06-2017 12:10 PM

I basically have the same issue, but I do know it's a permissions issue. My splunk logs show this error:
APIError: "status=403, error_code=AuthorizationFailed, error_msg=The client 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxx1133' with object id ''xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxx1133' does not have authorization to perform action 'microsoft.insights/eventtypes/values/read' over scope '/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxx12f4'."

I thought I configured everything correctly, but it's not pulling it. I use the same Active Directory Application in Azure AD for pulling Office 365 Management API Inputs and that works fine.

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk App for Anomaly Detection End of Life Announcment

Q: What is happening to the Splunk App for Anomaly Detection?A: Splunk is officially announcing the ...

Aligning Observability Costs with Business Value: Practical Strategies

 Join us for an engaging Tech Talk on Aligning Observability Costs with Business Value: Practical ...

Mastering Data Pipelines: Unlocking Value with Splunk

 In today's AI-driven world, organizations must balance the challenges of managing the explosion of data with ...