All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Splunk Add-on for Microsoft Cloud Services with proxy?

szabados
Communicator
‎06-09-2017 03:47 AM

I'm trying to use the above add-on to get Azure Audit logs, and I want to use a proxy. Everything is configured according to the docs, but any time the script tries to download the data, I'm getting 10061.
I double checked with wireshark, the script is not even trying to connect to my proxy, instead it tries connecting directly to the Microsoft servers. I'm running on a Windows server.

How can I get this working ?

Reply

fatemabw
New Member
‎11-02-2018 12:30 PM

Figured it out.
Got it to working.
There is a config file inside the apps folder under the add-on, where the proxy settings has to be explicitly mentioned.

Under: /opt/splunk/etc/apps/Splunk_TA_microsoft-cloudservices/local/splunk_ta_ms_o365_client_settings.conf
[proxy]
proxy_enabled = 1
proxy_rdns = 1
proxy_type = http

proxy_password = password of proxy account

proxy_port = 8000
proxy_url = proxy1.your.server.com
disabled = 0

proxy_username = user name of proxy account

0 Karma
Reply

oljaszubs
Engager
‎08-21-2018 06:18 AM

I have the same issue - I can't see any traffic to be forwarded to provided proxy. Does anybody manage it to run ?

0 Karma
Reply

fatemabw
New Member
‎10-31-2018 12:31 PM

I am also struggling with the same. I have followed the doc to install, and since the forwarder is sitting behind a proxy, which majority of deployments do, can't connect to the proxy, instead Splunk forwarder is trying to directly connect to the MS cloud IP.
I have tried setting the proxy config in splunk-launch.conf, server.conf but nothing seem to work.

Has anyone figured out the solution?

Appreciate the help and comments!

0 Karma
Reply
Get Updates on the Splunk Community!

Earn a $35 Gift Card for Answering our Splunk Admins & App Developer Survey

Survey for Splunk Admins and App Developers is open now! | Earn a $35 gift card!      Hello there,  Splunk ...

Continuing Innovation & New Integrations Unlock Full Stack Observability For Your ...

You’ve probably heard the latest about AppDynamics joining the Splunk Observability portfolio, deepening our ...

Monitoring Amazon Elastic Kubernetes Service (EKS)

As we’ve seen, integrating Kubernetes environments with Splunk Observability Cloud is a quick and easy way to ...