Hi,
We evaluated the Splunk Add-on for Microsoft Cloud Services some time back, and it was clear that it hooked the various O365 and Azure management and service APIs.
However, Microsoft (MS) offers log aggregation through OMS Log Analytics, which itself has a search API that can consolidate and expose all logs from O365 and Azure.
This means a lot less work on the Splunk side in order to pull logs and events, when using a broad cloud toolset.
Does the add-on have any support for the OMS Log Analytics API? If not, are there plans to add it? Failing that, could a generic REST API add-on provide the same function in order to simply pull all logs and events that are exposed?
Thanks
Chris