Skip to content

Release notes for the Splunk Add-on for Microsoft Office 365

Version 4.6.0 of the Splunk Add-on for Microsoft Office 365 was released on November 4, 2024.

Note

Version 4.3.0 and higher is expected to have around 1% of event duplication for the Management Activity input in the Splunk platform due to duplicate events from the Microsoft API.

About this release

Version 4.6.0 of the Splunk Add-on for Microsoft Office 365 is compatible with the following software, CIM versions, and platforms.
Splunk platform versions 9.1.x, 9.2.x, 9.3.x
CIM 5.0.0
Supported OS Platform independent
Vendor products Microsoft Office 365

New features

Version 4.6.0 of the Splunk Add-on for Microsoft Office 365 has the following new features:

  • Compatibility with IPV6.
  • Support for providing custom self signed certificates.

  • Enhanced data collection for Audit Logs Sign In input.

    • Added support for start_date to fetch historical data.

    • Added support for query_window_size through which user can control amount of data getting downloaded in single chunk.

    • Exponential backoff retry policies for 5xx series error codes.

    • Fixed _time extraction issue.

  • Enhanced the data collection mechanism for the following Graph API content types, ensuring reports are generated for active resources only. Additionally, introduced support for Start Date and Delay Throttle parameters to provide greater control over data retrieval timing:

    • Office365 Groups Activity Detail
    • OneDrive Usage Account Detail
    • SharePoint Site Usage Detail
    • Teams User Activity User Detail
    • Yammer Groups Activity Detail

Fixed Issues

Version 4.6.0 of the Splunk Add-on for Microsoft Office 365 contains the following, if any, fixed issues.

Known issues

Version 4.6.0 of the Splunk Add-on for Microsoft Office 365 contains the following, if any, known issues.

Third-party software attributions

Version 4.6.0 of the Splunk Add-on for Microsoft Office 365 incorporates the following third-party software or libraries.

Third-party software attributions for the Splunk Add-on for Microsoft Office 365