We have updated our Terms of Service, Code of Conduct, and Addendum.

Has anyone tried to onboard OneDrive Logs?


We are following this document, https://docs.cribl.io/stream/usecase-rest-ms-graph/ We have tested bringing in Azure User and Device data in the past with no issue. We are having a problem figuring out the best Collect URL to use. We've tried many different ones. We've tested our URLs to Microsoft's Graph Explorer and we are not receiving the expected output in Cribl. We have also set all the permissions that a Splunk App would require, https://docs.splunk.com/Documentation/AddOns/released/MSO365/ConfigureappinAzureAD