All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

what are the conditions duplicate log occurs on microsoft office 365

prakashraja1999
Loves-to-Learn Everything
‎08-18-2021 10:05 PM

Heavy Forwarder is installed to acquire Azure AD logs. Add-on uses the following. Splunk Add-on for Microsoft Office 365 Please tell me the following description of the above Add-on troubleshooting. It is a recognition that duplicate log capture may occur, What are the conditions under which duplicate logs occur? 

Labels (1)
Labels
Tags (1)
0 Karma
Reply

shivanshu1593
Builder
‎08-19-2021 12:35 AM

Not quite sure as to what exactly are you asking, but the condition when the logs get duplicated are:

1. Two inputs querying the same eventhub or graph API to get the same sets of logs.

2. Using additional add ons like MS Azure Add on along with  to query the O365 Add on to get the logs.

3. Getting rid of the the last saved checkpoint, which then makes the add on read everything from the scratch as per the timeline of how far are you looking for logs while setting up the add on.

Thanks,

S

 

Thank you,
Shiv
###If you found the answer helpful, kindly consider upvoting/accepting it as the answer as it helps other Splunkers find the solutions to similar issues###
Reply
Get Updates on the Splunk Community!

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

ICYMI - Check out the latest releases of Splunk Edge Processor

Splunk is pleased to announce the latest enhancements to Splunk Edge Processor.  HEC Receiver authorization ...

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...