Configure an active directory application in Azure Active Directory for the Splunk Add-on for Microsoft Cloud Services¶

To gather data from the Windows Azure Service Management APIs, you must first create an active directory application in Azure AD.

When prompted, select or enter the following parameters:

Client ID: Required for Azure App account.
- Copy this value. You need this value and a valid secret key to connect to your account from the add-on.
Key: Required for Azure App account.
- Copy this value to a secure location as soon as the Azure AD admin console displays it.
Tenant ID: Required for Azure App account.
- Copy this value for the future use.

Application permissions to access Windows Azure Service Management APIs¶

Select Access Azure Service Management as organization under Delegated Permissions.

After creating the Active Directory Application, login to either https://portal.azure.com or https://portal.azure.us on the Azure website, and perform the following steps:

You must have a Premium P1 Active Directory level edition or higher to perform this operation. See https://azure.microsoft.com/en-us/documentation/articles/resource-group-create-service-principal-portal/ on the Microsoft Azure website for more information on who can access resources.
Navigate to Home > Subscriptions.
Select the active subscription that you want to use from the Subscription Name column.
Select Access control (IAM)
Select Role assignments
Select Add role assignment.
In the Add role assignment drop-down list, perform the following steps:
1. Select Reader from the Role dropdown list.
2. Select User, group, or service principal from the Assign access to dropdown list, if it has not already been selected.
3. Select your Active Directory Application by searching for it by name in the dropdown.
Save your changes.