×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
atguilmette78
New Member
Member since: ‎05-07-2018
‎06-05-2020
Community Statistics
Posts 1
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎05-07-2018
Topics I've Started
No posts to display.
View All

Re: Microsoft Office 365 Reporting Add-on for Splu...

by in All Apps and Add-ons
‎03-05-2019 09:21 AM
‎03-05-2019 09:21 AM
I was also having this issue trying to get Audit.General logs. It turns out there is a python script packaged with the app that sets a time-delta threshold. I fixed this by lowering the threshold from the default 7 days (packaged with the app) to match our environment (which happens to be six days). The script is: bin/splunk_ta_o365/modinputs/management_activity.py. The line I had to change was: last_updated_time = datetime.utcfromtimestamp(now) - timedelta(days=7) Not the ideal solution, but it seems to work. I hope the next version of the app makes this a configurable parameter. ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM