Skip to content

ankit-kumar-mck/azure-functions-splunk

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

78 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Azure Functions for Splunk

This repository contains available Azure Functions to integrate Microsoft data with Splunk. Azure Functions can be triggered by certain events like an event arriving on an Event Hub, a blob written to a storage account, a Microsoft Teams call concluding, etc. The functions in this repository respond to these events and route data to Splunk accordingly.

Getting Started

Each available set of functions in this repository is contained within its own folder. For example, the Microsoft Graph functions are contained in the graph folder. To deploy the functions to your Azure environment, click the Deploy to Azure button located in the README.md in the corresponding function folder.

Available Functions

Functions Location Description
Microsoft Teams graph Collects Microsoft Teams call records. This data can be used with the Microsoft 365 App for Splunk and/or the RWI – Executive Dashboard
Azure Event Hubs event-hubs-hec These Azure Functions are triggered by events arriving on an Azure Event Hub. The functions then process the events and send the event to a listening Splunk HTTP Event Collector
Azure Storage storage-hec These Azure Functions are triggered by writes to an Azure Storage account. The functions process the data to send to a listening Splunk HTTP Event Collector

Setting a Project Subpath

Multiple Azure Function projects exist in this repository. In order to debug a specific function project, set the azureFunctions.deploySubpath and azureFunctions.projectSubpath parameters in settings.json to the appropriate path.

For example, to run and debug the Graph functions use the following settings.json

{
    "azureFunctions.postDeployTask": "npm install",
    "azureFunctions.projectLanguage": "JavaScript",
    "azureFunctions.projectRuntime": "~3",
    "debug.internalConsoleOptions": "neverOpen",
    "azureFunctions.preDeployTask": "npm prune",
    "azureFunctions.deploySubpath": "graph",
    "azureFunctions.projectSubpath": "graph"
}

Support

This software is released as-is. Splunk provides no warranty and no support on this software. If you have any issues with the software, please file an issue on the repository.

About

Azure Functions for getting data in to Splunk

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • JavaScript 100.0%