All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Splunk Add-on for Microsoft Security and Microsoft URLs

foresterd
Loves-to-Learn
‎11-09-2023 06:01 AM

I just want to pose a quick question about the Microsoft API URLs that are used in the add-on.  At what point will the add-on be updated to reflect the new URL changes?  I had a conversation with a Microsoft engineer, and he mentioned that the following URLs may not work past Dec 31 2024:   

API_ADVANCED_HUNTING = "/api/advancedhunting/run"
API_ALERTS = "/api/alerts"
API_INCIDENTS = "/api/incidents

This link shows the difference between some of the old vs new urls :  Use the Microsoft Graph security API - Microsoft Graph v1.0 | Microsoft Learn

I know it's a while off.  However, it comes quick at times.  Just trying to understand the process so I can stay ahead of it.  Also, I have seen add-ons that have the option for legacy inputs and also for current.  It would be great to have an option like that before the URL switch for this add-on.

Labels (3)
0 Karma
Reply
Get Updates on the Splunk Community!

.conf25 Community Recap

Hello Splunkers, And just like that, .conf25 is in the books! What an incredible few days — full of learning, ...

Splunk App Developers | .conf25 Recap & What’s Next

If you stopped by the Builder Bar at .conf25 this year, thank you! The retro tech beer garden vibes were ...

Congratulations to the 2025-2026 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...