Content Pack for Microsoft 365

Content Pack for Microsoft 365

This documentation does not apply to the most recent version of Content Pack for Microsoft 365. For documentation on the most recent version, go to the latest release.

About the Content Pack for Microsoft 365

The Content Pack for Microsoft 365 collects Microsoft Office 365 data from the hosts in your server environment and monitors server performance, availability, security, incidents, and messages across your Microsoft 365 environment.

The content pack provides preconfigured services along with KPIs that monitor critical functions. The content pack also includes entity types to group and analyze entities in your environment. The content pack dashboards and metrics let you visually represent delivered services including email, calendar, and communications.

This image shows the Service Analyzer view called M365 Service Analyzer. Use this Service Analyzer to monitor the availability and performance of your Microsoft 365 services.

Content pack contents

This content pack includes the following features:

Dashboards

13 dashboards for various use cases.

Entity types

Several entity types to group and analyze entities receiving data from Microsoft 365.

Glass tables

Seven glass tables with different views for executive users, IT Operations analysts, or security analysts.

Services

More than 49 Microsoft 365 services with over 300 KPIs configured with best practices from Microsoft and Splunk. You can disable or delete any services you don't use.

Service analyzer

A saved Service Analyzer view for Microsoft 365. The Service Analyzer provides real-time visibility into the health of your service components.

ITSI and ITE Work support

The content in the Content Pack for Microsoft 365 is supported in ITSI and ITE Work. The features available in ITE Work are a subset of the full feature set available in the content pack for ITSI.

Objects ITE Work ITSi
Services 0 49
Glass Tables 0 7
Service Analyzer 0 1
Entity types 3 3
Dashboards 13 13

Installation

The Splunk App for Content Packs contains the Content Pack for Microsoft 365. The content pack is automatically available once you install the Splunk App for Content Packs.

For installation instructions, see Install the Splunk App for Content Packs in the Splunk App for Content Packs manual.

Deployment requirements

Use the following table to ensure you are running the correct version of the Content Pack for Microsoft 365, ITSI, IT Essentials Work, the Splunk App for Content Packs, and the Splunk Add-on for Microsoft Office 365:

Content Pack for Microsoft 365 version ITSI version IT Essentials Work version Splunk App for Content Packs version Splunk Add-on for Microsoft Office 365 version
1.0.10 4.9.4 or 4.11.0 or higher 4.9.4 or 4.11.0 or higher 1.4.0 2.1.0
1.0.9 4.9.2 or higher 4.9.2 or higher 1.3.0 2.1.0
1.0.9 4.9.2 or higher 4.9.2 or higher 1.2.0 2.1.0

Additional resources

Last modified on 03 February, 2022
  Release notes for the Content Pack for Microsoft 365

This documentation applies to the following versions of Content Pack for Microsoft 365: 1.0.10


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters