Open the app from app menu and click on configuration tab under that click on logging and set log level to debug.
use below query to see for more details on how the script is executed:
python.version=python3 is added to pass app inspect.
If you install this TA on Splunk versions below 8, you see below error on starting of Splunk.
Invalid key in stanza [microsoft_defender_atp_alerts] in $SPLUNK_HOME/etc/apps/TA-microsoft-defender/default/inputs.conf, line 4: python.version (value: python3).
Invalid key in stanza [admin_external:TA_microsoft_defender_settings] in $SPLUNK_HOME/etc/apps/TA-microsoft-defender/default/restmap.conf, line 10: python.version (value: python3).
Invalid key in stanza [admin_external:TA_microsoft_defender_microsoft_defender_atp_alerts] in $SPLUNK_HOME/etc/apps/TA-microsoft-defender/default/restmap.conf, line 16: python.version (value: python3).
The problems because the parameters which are used to support version 8 are not available in below versions 8. you can ignore these alerts. or you can comment python.version in inputs.conf and restmap.conf
Splunk AppInspect evaluates Splunk apps against a set of Splunk-defined criteria to assess the validity and security of an app package and components.
As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps and add-ons from Splunk, our partners and our community. Find an app or add-on for most any data source and user need, or simply create your own with help from our developer portal.