Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Expired key microsoft 365 app

splunkcol
Builder
‎12-13-2023 08:32 AM

 

I have configured the APP for microsoft 365 which was working properly but it stopped working and after checking it was found that one of the keys or certificates had expired.

I contacted the administrator asking him for the "Client Secret" and he gave me the information but he also asks for the "Cloud App Security Token" field and I really have no idea what information I should ask the administrator for.

I would be grateful if you could explain me if it is possible.

Thanks

splunkcol_0-1702484874304.png

 

Labels (1)
Labels
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

isoutamo
SplunkTrust
SplunkTrust
‎12-13-2023 09:25 AM

Hi

I haven't check this for some time, but at least earlier that could be empty. See https://data-findings.com/wp-content/uploads/2023/04/M365-app-and-TAs-2023-03-15-sanitised.pdf page 13.

r. Ismo

View solution in original post

Reply
Solved! Jump to solution

rajd2024
Observer
‎01-20-2024 08:28 PM

@splunkcol  the update of plugin worked - your reply helped my friend. I wish you the best.

0 Karma
Reply
Solved! Jump to solution

rajd2024
Observer
‎01-20-2024 06:40 PM

Hi @splunkcol  what was your fix? We have exact same issue. Its a mandatory field as soon we update the secret key - and doesn't allow save. 

0 Karma
Reply
Solved! Jump to solution

splunkcol
Builder
‎01-20-2024 08:11 PM

Hi, forgive my English, I'm using a translator.

About the problem it is better that you send a ticket to Splunk directly, it seems to be a bug in the end I gave up because whenever they ask about the version of splunk they always make the excuse that they do not support old versions of Splunk, in this case although it is true that I was using an old version of Splunk clearly the problem was the add-on.

0 Karma
Reply
Solved! Jump to solution
Solution

isoutamo
SplunkTrust
SplunkTrust
‎12-13-2023 09:25 AM

Hi

I haven't check this for some time, but at least earlier that could be empty. See https://data-findings.com/wp-content/uploads/2023/04/M365-app-and-TAs-2023-03-15-sanitised.pdf page 13.

r. Ismo

Reply
Solved! Jump to solution

splunkcol
Builder
‎12-13-2023 10:16 AM

Thank you very much for your valuable help, you are right the field below should be optional but for some reason it is a mandatory field.

I will send a ticket

0 Karma
Reply
Get Updates on the Splunk Community!

Take Your Breath Away with Splunk Risk-Based Alerting (RBA)

WATCH NOW!The Splunk Guide to Risk-Based Alerting is here to empower your SOC like never before. Join Haylee ...

SignalFlow: What? Why? How?

What is SignalFlow? Splunk Observability Cloud’s analytics engine, SignalFlow, opens up a world of in-depth ...

Federated Search for Amazon S3 | Key Use Cases to Streamline Compliance Workflows

Modern business operations are supported by data compliance. As regulations evolve, organizations must ...