I got an update today on the ticket I have open: Thank you for your patience while we have been working to resolve the issue you reported. We would like to assure you that our engineering team and Microsoft team have been conducting a thorough investigation into the problem. We are pleased to inform you that the MS team have successfully reproduced the issue locally and is currently implementing patches to prevent reported issues. As per the latest update from the Microsoft side, They have a new patch being tested and will be rolled out today or the day by tomorrow to Production. ETA for this fix is to be available very soon. If there are any delays, we will update you as soon as possible. We kindly request your patience as we work to implement this fix. Rest assured that we will update you as soon as we have further information from our engineering team. Thank you for your understanding and support. In addition, my sales engineer indicated that they are having potential success by rolling back to the updated, OAuth version of the Microsoft add-on versus using the Splunk add-on: https://splunkbase.splunk.com/app/3720 instead of https://splunkbase.splunk.com/app/4055 3720 actually indicates that users should migrate to 4055, but perhaps that's bad advice at the moment. I'm optimistic that they'll fix the 4055 add-on as well though. For now, I'm going to test version 2.0.1 of that first add-on link and I'll report back with my findings.
... View more