rs8091
Sep 07, 2021
Copper Contributor
Splunk integration ATP Defender
Hello, we are looking at Microsoft 365 ATP Defender and we are struggling with the integration with Splunk due to some missing fields in the logs. Was anyone successful in doing this? Thank you! RS
Michael Shalev
Apr 19, 2022
Former Employee
Hi rs8091,
There is even a newer add-on called Splunk Add-on for Microsoft Security v1.2.0 that is fully supported by Splunk.
If you want to continue updating Incidents and/or Alerts, you also need the Microsoft 365 App for Splunk that now includes these capabilities.