Live Demo: Get full visibility of your AWS environment with CloudQuery Sign up ❯
Sign up ❯

CloudQuery

Back to source plugin

Sync data from Azure to Splunk

CloudQuery is the simple, fast data integration platform that can fetch your data from Azure APIs and load it into Splunk
Azure
Splunk

Trusted by

https://cdn.cloudquery.io/hub/ofkqe7d9i/_next/static/media/fastly.7b4d858a.svghttps://cdn.cloudquery.io/hub/ofkqe7d9i/_next/static/media/zendesk.7797fa4d.svghttps://cdn.cloudquery.io/hub/ofkqe7d9i/_next/static/media/infosys.ff0299e0.svghttps://cdn.cloudquery.io/hub/ofkqe7d9i/_next/static/media/auroralabs.a19bd93a.svghttps://cdn.cloudquery.io/hub/ofkqe7d9i/_next/static/media/palo_alto_networks.408311f5.svghttps://cdn.cloudquery.io/hub/ofkqe7d9i/_next/static/media/instructure.dcb4ccf2.svghttps://cdn.cloudquery.io/hub/ofkqe7d9i/_next/static/media/ridgeline.93285988.svghttps://cdn.cloudquery.io/hub/ofkqe7d9i/_next/static/media/fastly.7b4d858a.svghttps://cdn.cloudquery.io/hub/ofkqe7d9i/_next/static/media/zendesk.7797fa4d.svghttps://cdn.cloudquery.io/hub/ofkqe7d9i/_next/static/media/infosys.ff0299e0.svghttps://cdn.cloudquery.io/hub/ofkqe7d9i/_next/static/media/auroralabs.a19bd93a.svghttps://cdn.cloudquery.io/hub/ofkqe7d9i/_next/static/media/palo_alto_networks.408311f5.svghttps://cdn.cloudquery.io/hub/ofkqe7d9i/_next/static/media/instructure.dcb4ccf2.svghttps://cdn.cloudquery.io/hub/ofkqe7d9i/_next/static/media/ridgeline.93285988.svg

Get a personalized demo

Book a demo and see how quickly CloudQuery delivers new and ongoing insights on your multi-cloud environments.

Video thumbnail
Enterprise ReadyCustomize & ExtendEnterprise Ready
Enterprise Ready
Customize & Extend
Query Assets with SQL

Non-invasive account access for better security and efficiency.

Import data with CloudQuery SDKs and build your own plugins.

Query cloud assets and security with a simple SQL-based UI.

Step by step guide for how to export data from Azure to Splunk

MacOSWindowsLinux
Table of Contents

MacOS Setup

Step 1: Install CloudQuery

To install CloudQuery, run the following command in your terminal:

brew install cloudquery/tap/cloudquery

Step 2: Create a Configuration File

Next, run the following command to initialize a sync configuration file for Azure to Splunk:

cloudquery init --source=azure --destination=splunk

This will generate a config file named azure_to_splunk.yaml. Follow the instructions to fill out the necessary fields to authenticate against your own environment.

Step 3: Log in to CloudQuery CLI

Next, log in to the CloudQuery CLI. If you have't already, you can sign up for a free account as part of this step:

cloudquery login

Step 4: Run a Sync

cloudquery sync azure_to_splunk.yaml

This will start syncing data from the Azure API to your Splunk database! 🚀

See the CloudQuery documentation portal for more deployment guides, options and further tips.

FAQs

What is CloudQuery?
CloudQuery is an open-source tool that helps you extract, transform, and load cloud asset data from various sources into databases for security, compliance, and visibility.
Why does CloudQuery require login?
Logging in allows CloudQuery to authenticate your access to the CloudQuery Hub and monitor usage for billing purposes. Data synced with CloudQuery remains private to your environment and is not shared with our servers or any third parties.
What data does CloudQuery have access to?
CloudQuery accesses only the metadata and configurations of your cloud resources that you specify without touching sensitive data or workloads.
How is CloudQuery priced?
CloudQuery offers flexible pricing based on the number of cloud accounts and usage. Visit our pricing page for detailed plans.
Is there a free version of CloudQuery?
Yes, CloudQuery offers a free plan that includes basic features, perfect for smaller teams or personal use. More details can be found on our pricing page.
What data can CloudQuery sync from Azure to Splunk?
The CloudQuery Azure Integration can sync a wide variety of Azure data to Splunk. You can also limit the data that is synced to data contained in a particular subscription.
What permissions does the CloudQuery Azure Integration require?
We recommend that you only grant read permissions to the integration as this is all that you will require to sync your data from Microsoft Azure to Splunk. As this is a source integration, CloudQuery will never write information to Azure.
Can I rate limit the requests that CloudQuery makes to the Azure API?
If you would like to reduce the number of requests that CloudQuery can make to the API when it is syncing data from Azure to Splunk then you can set a rate limit in your account. These are managed on a per-subscription basis and further information can be found here.
Which write mode can I use in Splunk when syncing data from Azure?
At the moment, CloudQuery only supports append write mode, this means that it will not remove data from your Splunk destination and will create new indexes when needed.
How can I ensure that my sync from Azure does not exceed my Splunk API limits?
You can manage the rate at which data is synced from Azure to Splunk by using the batch_size, batch_size_bytes, and max_concurrent_requests integers. In general, you should keep the max_concurrent_requests integer as low as possible while aiming for a ratio of roughly 1,000 between batch_size and max_concurrent_requests, this will ensure that the response times from your Splunk instance remain reasonable.
What is the Splunk Destination integration for CloudQuery?
The Splunk Destination integration allows you to send cloud asset data collected by CloudQuery to Splunk for further analysis, enabling you to monitor, visualize, and query cloud infrastructure metrics in real-time.

Get Weekly Cloud Governance Insights

Product use cases

Resources

Legal

© 2025 CloudQuery, Inc. All rights reserved.

We use tracking cookies to understand how you use the product and help us improve it. Please accept cookies to help us improve. You can always opt out later via the link in the footer.