Hi,
We have just build a tool to do that and then some more...
SkyFormation Extend (c) for Splunk extracts security events from multiple business cloud applications (e.g. Salesforce, Google App, ServiceNow, Office 365,AWS,...) and transforms them into a unified and actionable stream of events sent to your Splunk or other SIEM solution of your choice.
No more cloud applications integration or classification worries, and all in unified form for easiest correlations and investigation across cloud apps.
SkyFormation is a Java app you can install at on-premise on any machine you want, and it will take you 5 minutes to set it up.
Please have a look at:
https://splunkbase.splunk.com/app/2932/
Feel more then welcome to ask me any question at support@skyformation.com
Best
Janet
www.skyformation.com
... View more