Splunk Add-on for Amazon Web Services

The Splunk Add-on for Amazon Web Services allows a Splunk® software administrator to collect events, alerts, performance metrics, configuration snapshots, and billing information from the CloudWatch, CloudTrail, and Config services. It can also gather log data from CloudWatch Logs, including VPC Flow Logs, and AWS billing reports and generic log files from S3 buckets. This add-on provides modular inputs and CIM-compatible knowledge to use with other Splunk apps, such as the Splunk App for AWS and Splunk Enterprise Security. Only CloudTrail, CloudWatch, VPC Flow Log, and Config data is tagged for CIM compliance. Because data gathered from S3 buckets is not predictable, the add-on can not normalize it to the CIM data models.

Built by Splunk Inc.

Latest Version 5.0.2

July 14, 2020

Compatibility

Not Available

Platform Version: 8.0

Rating

0

(0)

Log in to rate this app

Support

Splunk Supported addon

Learn more

Ranking

#19

in Security, Fraud & Compliance

#32

in IT Operations

The Splunk Add-on for Amazon Web Services allows a Splunk® software administrator to collect events, alerts, performance metrics, configuration snapshots, and billing information from the CloudWatch, CloudTrail, and Config services. It can also gather log data from CloudWatch Logs, including VPC Flow Logs, and AWS billing reports and generic log files from S3 buckets. This add-on provides modular inputs and CIM-compatible knowledge to use with other Splunk apps, such as the Splunk App for AWS and Splunk Enterprise Security. Only CloudTrail, CloudWatch, VPC Flow Log, and Config data is tagged for CIM compliance. Because data gathered from S3 buckets is not predictable, the add-on can not normalize it to the CIM data models.