![]() Next, grant a specific user the created policy (the username is LegacyUser in this case): Set-User -Identity LegacyUser -AuthenticationPolicy "Allow Basic Auth for Reporting Web Service"įinally, check if all went well: Get-User -Identity LegacyUser | fl auth* (You should see AllowBasicAuthReportingWebServices : True in the list returned) Set-AuthenticationPolicy -Identity "Allow Basic Auth for Reporting Web Service" -AllowBasicAuthReportingWebServices:$trueĬheck the policy settings Get-AuthenticationPolicy -Identity "Allow Basic Auth for Reporting Web Service" | fl AllowBasicAuth* $ExchangeSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri "" -Credential $credential -Authentication "Basic" -AllowRedirectionĬreate/set the policy New-AuthenticationPolicy -Name "Allow Basic Auth for Reporting Web Service" This can be done through the Azure portal using PowerShell.įrom the Azure portal, start a cloud shell (PowerShell) $Credential = Get-Credential In the meantime, it is possible to enable basic authentication for a single user in your environment. When an update is released for this API to support modern authentication, this add-on will be updated to use modern authentication. The Microsoft API used by the add-on only supports Basic Authentication (username and password). Specify an End date/time if Index Once is selected.Įnabling Basic Authentication for a Single User in Your Environment.This parameter is optional when Continuously Monitor is selected, but the parameter is required when Index Once is selected. Select a Start date/time to specify how far back to go when initially collecting data.Each time the input runs, the input will exit and do nothing until the end date is at least 60 minutes away from "now". Continuing from the example above, if "now" is T00:02:00 (two minutes after midnight) and the delay throttle is 60 minutes, the input will exit because the end date for the query is only 1 minute away from "now". ![]() This parameter specifies how close to "now" the end date for a query may be (where "now" is the time that the input runs). Microsoft may delay trace events up to 24 hours and events are not guaranteed to be sequential during this delay ( reference ). For example, if the calculated start date is T00:00:00 (midnight on January 1, 2018), the end date for the query will be T00:01:00 (one hour after midnight) if the query window size is 60 minutes. The end date for the Office 365 API query will be the calculated start date plus the number of minutes specified by this parameter. When Continuously Monitor is selected, each time this input runs a start date is calculated for the Office 365 API query. Specify the Query window size (minutes).Index Once requires a start date and end date and will only index the data in the given date range.Continuously Monitor will poll for new data based on the interval.Enter an interval (how often this input collects data).Select the Inputs menu item > Create New Input.Refer to the minimum permissions needed for the account above. Enter the username and password to use for the add-on.Launch the add-on, then click the Configuration menu item > Account > Add.Access Splunk Web on the node of your Splunk platform installation that collects data for this add-on.Universal forwarders are not supported for data collection because the modular inputs require Python and the Splunk REST handler. Not required as the parsing operations occur on the forwarders. Data collection should be configured in only 1 place to avoid duplicates. It is recommended to install this add-on on a heavy forwarder for data collection. It is recommended to turn visibility off on your search heads to prevent data duplication errors that can result from running inputs on your search heads instead of (or in addition to) on your data collection node. This add-on contains search-time knowledge. This table provides a reference for installing this specific add-on to a distributed deployment of Splunk Enterprise. See Where to install Splunk add-ons in Splunk Add-ons for more information. Unless otherwise noted, all supported add-ons can be safely installed to all tiers of a distributed Splunk platform deployment. Creating a new role for the user account with the following permissions is recommended: Visible: Yes, this add-on contains configuration.Splunk platform versions: 6.5 and later.Vendor Products: Microsoft Office 365 Reporting Message Trace Report.This add-on collects Message Trace data from Microsoft Office 365 including the following: Microsoft Office 365 Reporting Mail Add-on for Splunk
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |