All Apps and Add-ons

Best pattern for AWS log archive account for CloudTrail and VPC Flow logs

smisriv
Observer

Hi!

My setup has a log archive account using AWS Landing zone where all the CloudTrail and VPC Flow Logs from multiple accounts get aggerated and stored in an s3 bucket. I want to send both of the logs to a Splunk HEC. Which is the best suited architecture pattern for this?

  

Labels (3)
0 Karma

KaraD
Community Manager
Community Manager

Hi @yackle_official! Thanks for checking in on Answers. Since this is an old post, I recommend starting a new thread with your question, so it can gain more current visibility.

 

Cheers!

-Kara D, Splunk Community Manager

 

0 Karma

yackle_official
New Member

Did you ever get an answer to this?

0 Karma
Get Updates on the Splunk Community!

Splunk Observability Cloud | Unified Identity - Now Available for Existing Splunk ...

Raise your hand if you’ve already forgotten your username or password when logging into an account. (We can’t ...

Index This | How many sides does a circle have?

February 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

Registration for Splunk University is Now Open!

Are you ready for an adventure in learning?   Brace yourselves because Splunk University is back, and it's ...