Microsoft Azure Add on for Splunk

This add-on collects data from Microsoft Azure including the following: * Azure AD Data - Users - Azure AD user data - Sign-ins - Azure AD sign-ins including conditional access policies and MFA - Directory audits - Azure AD directory changes including old and new values *Event Hubs - generic Event Hub collector * Metrics * Estimated billing and consumption * Inventory metadata - Resource Groups - Resource group configuration - Virtual Machines - VM, Disk, Image, and Snapshot configurations - Virtual Networks - VNET, NSG, and Public IP configurations - Managed Disks - Subscriptions - Subscription name, ID, and type - Topology - IaaS relationships * Azure Security Center - Alerts - Tasks * Azure Resource Graph Version 3.0.0 and later of the Microsoft Azure Add-on for Splunk is compatible only with Splunk Enterprise version 8.0.0 and above.

Built by Ramani Nikitha Janapareddy

Latest Version 3.0.1

December 1, 2020

Compatibility

Not Available

Platform Version: 9.1, 9.0, 8.2, 8.1, 8.0, 9.2

CIM Version: 4.x

Rating

0

(0)

Log in to rate this app

Support

Developer Supported addon

Learn more

This add-on collects data from Microsoft Azure including the following: * Azure AD Data - Users - Azure AD user data - Sign-ins - Azure AD sign-ins including conditional access policies and MFA - Directory audits - Azure AD directory changes including old and new values *Event Hubs - generic Event Hub collector * Metrics * Estimated billing and consumption * Inventory metadata - Resource Groups - Resource group configuration - Virtual Machines - VM, Disk, Image, and Snapshot configurations - Virtual Networks - VNET, NSG, and Public IP configurations - Managed Disks - Subscriptions - Subscription name, ID, and type - Topology - IaaS relationships * Azure Security Center - Alerts - Tasks * Azure Resource Graph Version 3.0.0 and later of the Microsoft Azure Add-on for Splunk is compatible only with Splunk Enterprise version 8.0.0 and above.