Forum Discussion
Tanmoy
Jun 20, 2024
Copper Contributor
Unable to ingest SIEM Integration logs for Cloud Apps
Hi All, We are trying to set up SIEM integration for Microsoft Defender for Cloud Apps using this https://learn.microsoft.com/en-gb/defender-cloud-apps/siem. We performed all the following steps bu...
Yoann_David_Mallet
Microsoft
Jun 20, 2024
Hi, in general, we would recommend looking into other options to get data to your SIEM.
The Graph API is usually your best bet.
If your SIEM is Splunk, then we recommend leveraging the plug-in using Graph to get the data directly to your SIEM: Splunk Add-on for Microsoft Security | Splunkbase
Now if it is not an option, can you please share more details about your issue? All I see here is a timeout.
- Tanmoy, Jun 20, 2024, Copper Contributor
Hi Yoann_David_Mallet, we are looking to fetch Alerts and Activities logs for Defender for Cloud Apps. I guess we don't have a Graph API for the same, thus we were trying this integration approach: https://learn.microsoft.com/en-us/defender-cloud-apps/siem
We are facing the mentioned challenge while setting this up.