All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How do I get Entra logs (formerly Active directory), into Splunk Cloud?

MelV
New Member
‎11-26-2024 09:34 AM

The goal is to get Entra logs into Splunk Cloud and alert on non-domain affiliated logins. Can't seem to find any documentation on.

Labels (1)
Labels
0 Karma
Reply

marnall
Motivator
‎11-26-2024 10:54 AM

You probably want the Splunk Add on for Microsoft Azure (https://splunkbase.splunk.com/app/3757)

There are set-up instructions described at https://github.com/splunk/splunk-add-on-microsoft-azure/wiki (see the sections on Configuration) on the right.

0 Karma
Reply
Get Updates on the Splunk Community!

Observability Release Update: AI Assistant, AppD + Observability Cloud Integrations & ...

This month’s releases across the Splunk Observability portfolio deliver earlier detection and faster ...

Stay Connected: Your Guide to February Tech Talks, Office Hours, and Webinars!

💌Keep the new year’s momentum going with our February lineup of Community Office Hours, Tech Talks, ...

Preparing your Splunk Environment for OpenSSL3

The Splunk platform will transition to OpenSSL version 3 in a future release. Actions are required to prepare ...