Zoom operation logs allow account owners to view changes made by admins on the account, specifically changes in the sections under Account Management, User Management, and Advanced. This includes changes to Account and Group settings, changes in role and license assignments for users, changes to subscriptions under Billing, and changes made to SSO configuration, including changes made by your SSO and SAML mapping configuration. Zoom also provides logs for calls, call recordings, voicemails, and SMS.
Splunk Connect for Zoom integrates your Zoom deployment data into your Splunk platform deployment. Using this integration, you can accept incoming webhooks from Zoom in order to collect a variety of data pertaining to numerous events, such as meetings, and participants. This information can be used to start gathering insights and business centric value instantly. Splunk Connect for Zoom provides a holistic end-to-end solution when used with the Splunk App for Zoom or the Remote Work Insights (RWI) - Executive Dashboard.
Before looking at documentation for specific data sources, review the Splunk Docs information on general data ingestion:
Getting data in
|Source||Add-ons and Apps||Guidance|
Install Splunk Connect for Zoom on a distributed Splunk Enterprise deployment