Deployment Architecture

Can I use Splunk Enterprise Add on as log management tool for Azure Websites (AppService)?

New Member


I am hosting a website in Azure Platform as a Service(PaaS).

I am using Azure AppService to host my website and a Linux VM hosting MySQL database and connected both.

What I am planning to do is integrate logs (Application, web server, Azure Activity logs, MySQL logs) and monitor them.

Is it possible to achieve this using Splunk enterprise?


0 Karma

Splunk Employee
Splunk Employee

For this scenario, you can use the Splunk Add-on for Microsoft Cloud Services (a.k.a. MSCS) to pull in the data from the various components listed. Azure Websites expose data via an Azure Blob, and the MSCS add-on can pull in the data written there. For the Linux VMs, you can install a Universal Forwarder, or you can enable diagnostics within Azure and have Splunk pick up the diagnostic data. The MSCS add-on can also pick up the Azure Activity logs (a.k.a. Azure Audit logs).

0 Karma
Get Updates on the Splunk Community!

Splunk Security Content for Threat Detection & Response, Q1 Roundup

Join Principal Threat Researcher, Michael Haag, as he walks through:An introduction to the Splunk Threat ...

Splunk Life | Happy Pride Month!

Happy Pride Month, Splunk Community! 🌈 In the United States, as well as many countries around the ...

SplunkTrust | Where Are They Now - Michael Uschmann

The Background Five years ago, Splunk published several videos showcasing members of the SplunkTrust to share ...