TA for Sentinel Queries | Splunkbase

My Account

Signup

Support & Services

Search Splunk Documentation Splunk Answers Education & Training User Groups Splunk App Developers Support Portal Contact Us

My Account

Accept License Agreements

This app is provided by a third party and your right to use the app is in accordance with the license provided by that third-party licensor. Splunk is not responsible for any third-party apps and does not provide any warranty or support. If you have any questions, complaints or claims with respect to this app, please contact the licensor directly.

Splunk Websites Terms and Conditions of Use

I have read the terms and conditions of this license and agree to be bound by them.

I have read Splunk's privacy agreement and agree to be bound by them.

Thank You

Downloading TA for Sentinel Queries

SHA256 checksum (ta-for-sentinel-queries_103.tgz) 02d6bef3400f21c7141aecb4331754f8e099899d13e19b93db05f09b26a31cb8

SHA256 checksum (ta-for-sentinel-queries_102.tgz) b7bdce617cc6d1647e430a7c9725f66dae8b4be6c54794166bcb61822e33e184

SHA256 checksum (ta-for-sentinel-queries_101.tgz) 9af1ed171105336b060eea30e8b19ad2c65ddd357abf90e800770a78d897a76e

SHA256 checksum (ta-for-sentinel-queries_100.tgz) 11214bd2470a908448c3e72b75b0282d94b4f0032e40781dbda2e844240d506a

To install your download

For instructions specific to your download, click the Details tab after closing this window.

splunk

TA for Sentinel Queries

Overview

Details

The TA for Sentinel Queries provides a custom command you can use to search a Microsoft Log Analytics Workspace, allowing you to run arbitrary queries across Microsoft Sentinel data and process the results within Splunk.

This TA allows you to retrieve ad-hoc results from Microsoft Sentinel. It submits the user-supplied query to a Log Analytics Workspace and retrieves the results to Splunk.

Release Notes

Version 1.0.3

Aug. 19, 2024

Added support for querying multiple workspaces
- Setup page now allows you to configure multiple targets
- Custom command now supports connection_name parameter (which defaults to settings for compatibility)

Version 1.0.2

Aug. 3, 2023

1.0.2 - Fixes for Splunk Cloud compatibility

Version 1.0.1

July 29, 2023

Date	Version	Notes
2023-07-29	0.0.1	Initial release
2022-07-29	0.0.2	UI fix

Version 1.0.0

July 29, 2023

Date	Version	Notes
2023-07-29	1.0.0	Initial release

529

Downloads

Share Subscribe

Version

Built by

Greg Ford

Support

Developer Supported

Contact Developer Questions on Splunk Answers Flag as inappropriate

Compatibility

Products: Splunk Enterprise

Products: Splunk Enterprise

Products: Splunk Enterprise

Products: Splunk Enterprise

Splunk Versions: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0

Platform: Platform Independent

Splunk Versions: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0

Platform: Platform Independent

Splunk Versions: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0

Platform: Platform Independent

Splunk Versions: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0

Platform: Platform Independent

Licensing

MIT License

Category & Contents

Categories: Security, Fraud & Compliance, SIEM

App Type: Add-on

Subscribe Share

Are you a developer?

As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps from Splunk, our partners and our community. Find an app for most any data source and user need, or simply create your own with help from our developer portal.

Submit New Splunk App Dev Resources

Follow Us:

© 2005-2025 Splunk LLC All rights reserved.

Sitemap | Privacy | Website Terms of Use | Splunk Licensing Terms | Export Control | Modern Slavery Statement | Splunk Patents | Report a Problem

Splunk, Splunk>,Turn Data Into Doing, Data-to-Everything, and D2E are trademarks or registered trademarks of Splunk LLC in the United States and other countries. All other brand names,product names,or trademarks belong to their respective owners.