Use Splunk to Collect Logs from Office 365 and Azure AD

Microsoft has a lot of options to view Azure log data in one form or another. There is the Security Center, Azure Sentinel, Log Analytics, and Insights.  This is fine for an Azure centric organization, but many organizations already have log collection systems in place such as Splunk, and using multiple logging platforms is not efficient.  This article walks through sending Azure AD and Office 365 logs to Splunk.

Continue reading “Use Splunk to Collect Logs from Office 365 and Azure AD”