About the Content Pack for Microsoft 365
The Content Pack for Microsoft 365 collects Microsoft Office 365 data from the hosts in your server environment and monitors server performance, availability, security, incidents, and messages across your Microsoft 365 environment.
The content pack provides preconfigured services along with KPIs that monitor critical functions. The content pack also includes entity types to group and analyze entities in your environment. The content pack dashboards and metrics let you visually represent delivered services including email, calendar, and communications.
Content pack contents
This content pack includes the following features:
Dashboards
13 dashboards for various use cases.
Entity types
Several entity types to group and analyze entities receiving data from Microsoft 365.
Glass tables
Seven glass tables with different views for executive users, IT Operations analysts, or security analysts.
Services
More than 49 Microsoft 365 services with over 300 KPIs configured with best practices from Microsoft and Splunk. You can disable or delete any services you don't use.
Service analyzer
A saved Service Analyzer view for Microsoft 365. The Service Analyzer provides real-time visibility into the health of your service components.
ITSI and ITE Work support
The content in the Content Pack for Microsoft 365 is supported in ITSI and ITE Work. The features available in ITE Work are a subset of the full feature set available in the content pack for ITSI.
Objects | ITE Work | ITSi |
---|---|---|
Services | 0 | 49 |
Glass Tables | 0 | 7 |
Service Analyzer | 0 | 1 |
Entity types | 3 | 3 |
Dashboards | 13 | 13 |
Installation
The Splunk App for Content Packs contains the Content Pack for Microsoft 365. The content pack is automatically available once you install the Splunk App for Content Packs.
For installation instructions, see Install the Splunk App for Content Packs in the Splunk App for Content Packs manual.
Deployment requirements
Use the following table to ensure you are running the correct version of the Content Pack for Microsoft 365, ITSI, IT Essentials Work, the Splunk App for Content Packs, and the Splunk Add-on for Microsoft Office 365:
Content Pack for Microsoft 365 version | ITSI version | IT Essentials Work version | Splunk App for Content Packs version | Splunk Add-on for Microsoft Office 365 version |
---|---|---|---|---|
1.0.10 | 4.9.4 or 4.11.0 or higher | 4.9.4 or 4.11.0 or higher | 1.4.0 | 2.1.0 |
1.0.9 | 4.9.2 or higher | 4.9.2 or higher | 1.3.0 | 2.1.0 |
1.0.9 | 4.9.2 or higher | 4.9.2 or higher | 1.2.0 | 2.1.0 |
Additional resources
- For ITSI deployment planning guidelines, see Plan your ITSI deployment in the Install and Upgrade Manual.
- For ITSI version compatibility with Splunk Enterprise versions, see the Splunk products version compatibility matrix.
Release notes for the Content Pack for Microsoft 365 |
This documentation applies to the following versions of Content Pack for Microsoft 365: 1.0.10
Feedback submitted, thanks!