Activity Feed
- Karma Re: Why did our heavy forwarder start indexing locally and how to disable this? for MuS. 06-05-2020 12:47 AM
- Posted Re: Why am I unable to view data in our production environment in Microsoft Cloud App for Splunk? on All Apps and Add-ons. 05-24-2018 04:20 PM
- Posted Why am I unable to view data in our production environment in Microsoft Cloud App for Splunk? on All Apps and Add-ons. 05-23-2018 08:28 PM
- Tagged Why am I unable to view data in our production environment in Microsoft Cloud App for Splunk? on All Apps and Add-ons. 05-23-2018 08:28 PM
- Tagged Why am I unable to view data in our production environment in Microsoft Cloud App for Splunk? on All Apps and Add-ons. 05-23-2018 08:28 PM
- Tagged Why am I unable to view data in our production environment in Microsoft Cloud App for Splunk? on All Apps and Add-ons. 05-23-2018 08:28 PM
- Posted Re: Domain incorrect on All Apps and Add-ons. 04-18-2018 08:32 PM
- Posted Domain incorrect on All Apps and Add-ons. 04-18-2018 06:09 PM
- Tagged Domain incorrect on All Apps and Add-ons. 04-18-2018 06:09 PM
- Posted Why is the Microsoft Azure Active Directory Reporting Add-on for Splunk is stuck on the loading screen? on All Apps and Add-ons. 04-08-2018 05:36 PM
- Tagged Why is the Microsoft Azure Active Directory Reporting Add-on for Splunk is stuck on the loading screen? on All Apps and Add-ons. 04-08-2018 05:36 PM
- Tagged Why is the Microsoft Azure Active Directory Reporting Add-on for Splunk is stuck on the loading screen? on All Apps and Add-ons. 04-08-2018 05:36 PM
- Tagged Why is the Microsoft Azure Active Directory Reporting Add-on for Splunk is stuck on the loading screen? on All Apps and Add-ons. 04-08-2018 05:36 PM
- Tagged Why is the Microsoft Azure Active Directory Reporting Add-on for Splunk is stuck on the loading screen? on All Apps and Add-ons. 04-08-2018 05:36 PM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 | |||
| 0 |
05-24-2018
04:20 PM
Thanks, I added the index to the default search for 'user' role, we will adjust its scope later but that did the trick 🙂
... View more
05-23-2018
08:28 PM
Hi, we are currently unable to view data in our production environment with this add-on. We have checked config and we are receiving data from Office365 but the add-on does not display anything.
When I modify the query to the one listed below, I am able to retrieve data. I took a look at the dataset and it appears to be querying the index mscloud, can you please help?
sourcetype=ms:o365:management OR sourcetype=ms:o365:reporting:messagetrace OR sourcetype=mscs:azure:audit index=mscloud | stats count by sourcetype | rename sourcetype AS Sourcetype data_description AS "Description" data_source AS "Data On-boarding Guide" app_source AS "App Source" count AS "Event Count" dashboards AS Dashboards | fields Sourcetype Description Dashboards "App Source" "Data On-boarding Guide" "Event Count"
... View more
04-18-2018
06:09 PM
If the domain has been set incorrect after app installation, how do I change this?
... View more
04-08-2018
05:36 PM
Hi,
We recently installed this add-on however it is stuck on loading the page. There is another post which states to remove the puppet add-on however we do not have this add-on installed. Can you please assist with this issue?
... View more
