Splunk Cloud Platform

microsoft o365 add-on

verifi81
Path Finder

My architecture is 

Splunk Cloud and Splunk Enterprise - search heads and indexers

I have a onprem Heavy forwarder.

I want to try out the Splunk add-on for Microsoft o365 app. 

Would it be recommended to install on the Heavy forwarder and have that reach out to o365 to retrieve the audit logs and then send it up to splunk cloud?  Or can I have splunk cloud directly connect to my O365 tenant? 

Labels (2)
0 Karma
Get Updates on the Splunk Community!

How to Monitor Google Kubernetes Engine (GKE)

We’ve looked at how to integrate Kubernetes environments with Splunk Observability Cloud, but what about ...

Index This | How can you make 45 using only 4?

October 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this ...

Splunk Education Goes to Washington | Splunk GovSummit 2024

If you’re in the Washington, D.C. area, this is your opportunity to take your career and Splunk skills to the ...