Ringing In the New Year With Splunk and Microsoft: Three New Integrations

Like champagne and party hats, Splunk and Microsoft just go together. Here at Splunk, one of our New Year’s resolutions is to continue to empower our customers with data —  in this case, Microsoft data. From cloud, to security, to troubleshooting, we’re back with the latest round of new integrations designed to help you do more with Splunk and Microsoft.

1. Splunk Add-On For Microsoft Cloud Services
The latest version of this Splunk-built add-on supports Microsoft Azure Event Hubs and includes improved support for the Common Information Model (CIM) Alerts data model through sourcetypes for Azure Security Center Alerts and Azure Security Center Recommendations. The add-on also includes an upgraded Microsoft Azure Python Software Development Kit (SDK). Stay tuned for an upcoming technical post on how to get Azure Event Hub data into Splunk via the add-on.

2. M365 Defender Add-On for Splunk
The newest version of the add-on includes support for M365 Defender Incidents, and can collect the following data: incident, assignee, classification, severity, status, and associated alerts. 

3. On-Call App for Microsoft Teams
There’s nothing worse than screen hopping while trying to troubleshoot an incident. The On-Call App for Microsoft Teams allows you to firefight critical incidents from the tool of your choice. Available in the Microsoft Office Store, this application is completely bi-directional allowing you to see the entire payload of your incidents, acknowledge them and resolve them, all from the Teams interface. On-Call maps Microsoft Teams data to ensure accurate reporting and complete information. Check out the handy integration guide.

Looking to relive the magic of .conf20? Couldn’t make it this year and want to catch up? Don’t stress! Recordings from all sessions of .conf20 posted on

Be sure to check out "Down in the Weeds, Up in the Cloud: Security" for security-specific updates and features of the Splunk & Microsoft 365/Azure landscape as well as new updates around Microsoft Teams, security & compliance, ingestion methods and more.

Suzanna Barnard
Posted by

Suzanna Barnard

Senior Manager on the Global Strategic Alliances team at Splunk. Former intelligence analyst and security software product manager. Coffee connoisseur, llama chaser, and West Wing superfan. On a mission to bake the perfect chocolate chip cookie.

Show All Tags
Show Less Tags