Hello All,
I m getting duplicate events for my O365 logs.Have checked from my O365 side configurations and seems everything fine from O365 end.
Is this something need to corrected from Splunk side ??
Thanks,
Ramu.R
A possible better way of getting logs from O365/Azure: https://answers.splunk.com/answers/678660/how-to-get-logs-from-azure-and-o365-into-splunk.html
@mailmetoramu
I think you are facing Issue registered as known issue: ADDON-20076. Can you please check & confirm it? Or it something new.
https://docs.splunk.com/Documentation/AddOns/released/MSO365/Releasenotes
