Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
11 results
Sorted by:
05-30-2019
11:17 AM
Hi,
I need to look at the raw events coming in from Office 365- which is JSON formatted,
and then route them based upon the content.
I want to route them based upon the "Workload" field t...
04-17-2020
12:32 AM
Hello,
I want to use ITSI Content Pack as a base for implementing ITSI. I also see a documentation about it in https://docs.splunk.com/Documentation/ITSICP/current/Config/About
But, it does not t...
Labels
- Labels:
-
configuration
-
using ITSI
3 weeks ago
...apabilities.The alerts are logged in Microsoft Purview, (a.k.a. the Compliance Center), in Microsoft Defender for Cloud Apps, Microsoft 365 Defender and Splunk.My problem is how do we get the necessary data out o...
Labels
- Labels:
-
search
09-19-2022
08:27 AM
Hi,
we would like to monitor authentication attempts in our SMTP server (Exchange 2016) but I could not find a way to do so.
We already have IT Essentials with the Exchange Content Pack but S...
Labels
- Labels:
-
configuration
-
other
01-22-2019
05:02 AM
1 Karma
...ogs; /opt/splunk/var/log/splunk/splunk_ta_o365_management_activity_Audit_AD.log
O365PortalError: 400:{"error":{"code":"AF20055","message":"Date range for requested content is invalid startTime:2...
08-16-2021
03:12 AM
Hi, after the installation of ITE Works 4.9.2 and the exchange content pack. I checked all the dashboards to be sure the data was correctly processed and I realized that some panels were blank. O...
Labels
- Labels:
-
configuration
-
using ITSI
10-08-2021
05:54 AM
Hi, recently we deployed IT Essential Works with latest Exchange Content Pack. we also deployed the three addons for the Exchange in the exchange nodes (including IIS and OWA logs). N...
- Tags:
- c_ip
Labels
- Labels:
-
configuration
-
other
-
troubleshooting
-
using ITSI
11-29-2021
02:52 AM
Hi, I have configured IT Essential Works (4.9.2) with Exchange content pack (1.4.3) and TA-Exchange-ClientAccess (4.0.3). By chance I was checking PowerShell event logs in our exchange s...
Labels
- Labels:
-
configuration
-
troubleshooting
-
using ITSI
01-29-2017
03:29 PM
I'm using the Splunk Add-on for Microsoft Cloud Services to ingest logs from Office 365. Specifically, I'm getting the Exchange Online Audit and Azure AD Audit logs.
After the O365 Management A...
04-12-2017
01:51 AM
2 Karma
We are currently using the Splunk Add-on for Microsoft Cloud Services but it doesn't support importing of message tracking logs. These logs are critical to our SOC so we need to find a way to e...
