Alerting
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

how to filter alert from AWS Cloud watch and send it to splunk?

swethaJ
New Member
‎03-10-2016 02:34 AM

We have many applications in our environment. All those logs are monitored by cloud watch. Is there any way that alerts data can be sent from AWS Cloud watch to Splunk?

Tags (1)
0 Karma
Reply

swethaJ
New Member
‎03-15-2016 12:31 AM

Thank you for your response.
We have SNOW version older version which Splunk doesn't support for integrating. For this reason, we integrated cloud watch with SNOW to perform alert actions.
Now, can we send only performance data and other logs from cloud watch to Splunk ? rather than sending alert, which as you told not required.

0 Karma
Reply

pgreer_splunk
Splunk Employee
Splunk Employee
‎03-10-2016 09:33 AM

Here's a start on documentation on the Splunk Add On for AWS:

http://docs.splunk.com/Documentation/AddOns/latest/AWS/ConfigureInputs

Specific to CloudWatch: http://docs.splunk.com/Documentation/AddOns/released/AWS/CloudWatch

To have the add-on installed in your cloud instance, you'll need to open a ticket with Splunk Support.

0 Karma
Reply

pgreer_splunk
Splunk Employee
Splunk Employee
‎03-10-2016 09:42 AM

Apologies, meant to state as well that sending an alert to Splunk and having it action on it could be possible by sending data (via a script, or file, or TCP/UDP flow) to Splunk, then having an alert in Splunk action on the (AWS Cloudwatch alert) data being sent it. But I needed to ask, what is the underlying business/technical reason you would wish to have an alert from AWS Cloudwatch be actioned on by Splunk? Splunk could instead simply ingest the data from AWS Cloudwatch and perform the alerting for you itself.

0 Karma
Reply

swethaJ
New Member
‎03-15-2016 12:39 AM

Thank you for your response.
We have SNOW older version, which couldn't be integrated with Splunk. and so done it with cloud watch to create alarms.
Now can performance data and other log data be sent to Splunk from cloud watch? with out any alert information?

0 Karma
Reply
Get Updates on the Splunk Community!

Built-in Service Level Objectives Management to Bridge the Gap Between Service & ...

Wednesday, May 29, 2024  |  11AM PST / 2PM ESTRegister now and join us to learn more about how you can ...

Get Your Exclusive Splunk Certified Cybersecurity Defense Engineer at Splunk .conf24 ...

We’re excited to announce a new Splunk certification exam being released at .conf24! If you’re headed to Vegas ...

Share Your Ideas & Meet the Lantern team at .Conf! Plus All of This Month’s New ...

Splunk Lantern is Splunk’s customer success center that provides advice from Splunk experts on valuable data ...