From the course: Integrating Splunk with Microsoft Purview
Join today to access over 24,900 courses taught by industry experts.
Solution: Create a dashboard - Splunk Tutorial
From the course: Integrating Splunk with Microsoft Purview
Solution: Create a dashboard
(upbeat music) - [Instructor] Let's see if you got the steps to creating a dashboard from a set query result correctly. First, we'll launch the Splunk add-on for Microsoft Office 365 to confirm our Azure Tenant configuration with Splunk Enterprise. Next, go to the Input tab so we can run the search query from Microsoft Purview. This search query is to return audit log of all activities that has been performed in the last 24 hours in our Microsoft Azure tenants. We are using Splunk Enterprise to capture these activities. So here we have 1,456 events returned in the last 24 hours. To see more details about the results, you can scroll down the page to have a full view of analysis of all generated events. So we'll filter the search query to return only failed activities by typing in fail asterix, you hit the Enter button. So here we have 262 events failed, and here we are going to extract the date_minute field on that interesting field. We'll be checking the maximum value over time…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
Splunk in Microsoft Purview and its benefits2m 24s
-
(Locked)
Integrate M365 add-on with Splunk5m 22s
-
(Locked)
Azure integration with Splunk8m 38s
-
(Locked)
Splunk search and visualization5m
-
(Locked)
Splunk dashboard2m 36s
-
(Locked)
How to add sample data in Splunk4m 56s
-
(Locked)
Challenge: Create a dashboard59s
-
(Locked)
Solution: Create a dashboard2m 19s
-
-
-
-