Splunk Enterprise

Splunk Add On for O365 Azure AD group members


Is there a splunk add on available that can provide Azure O365 AD group members list into Splunk?


Eg: on querying for group1@domain.com

It should return member1@domain.com, member2@domain.com


I found few add ons but they seem to be for logging/monitoring purposes like who changed what and when.

Did not find anything like say Microsoft graph via Splunk to list groups, get group members etc

Labels (1)
0 Karma
Get Updates on the Splunk Community!

BSides Splunk 2022 - The Call for Papers is now Open!

TLDR; Main Site: https://bsidessplunk.com CFP Site: https://bsidessplunk.com/cfp CFP Opens: December 15th, ...

Sending Metrics to Splunk Enterprise With the OpenTelemetry Collector

This blog post is part of an ongoing series on OpenTelemetry. The OpenTelemetry project is the second largest ...

What's New in Splunk Cloud Platform 9.0.2208?!

Howdy!  We are happy to share the newest updates in Splunk Cloud Platform 9.0.2208! Analysts can benefit ...