Hello, I am splunk certified Architect. I would need to know from where the email is coming from: e.g Microsoft exchange, hosted on premise, cloud, etc. If everything is office 365 is fine as well, i just need some API connections from the splunk system.
With that information, i can see the best way to get the data into splunk and make a normalization of the data to be able to show on dashboards as requested.
I am currently managing a big splunk infrastructure for my company and getting all kind of data.
Thanks in advance