All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Can you install the AWS ELB app on Splunk Enterprise or Cloud?

khourihan_splun
Splunk Employee
Splunk Employee
‎05-09-2014 03:52 PM

Can this app be installed on Cloud or Enterprise?

Reply
1 Solution
Solved! Jump to solution
Solution

khourihan_splun
Splunk Employee
Splunk Employee
‎05-09-2014 04:02 PM

No, the app will not work as expected in Splunk Cloud or Enterprise. Its written for Hunk, and will throw this error:

Error in 'ResultProvider': Permission denied. License does not allow execution of searches for virtual_index=elb, provider_family=hadoop

I did spend some time today re-working it to run on Splunk Cloud / Enterprise. In it, I have removed the inputs.conf and changed the sourcetype to be elb, not aws_elb.

This app assumes you have your s3: input working somehow and putting in the data as sourcetype=elb

You can get the modded version of it here.

I did talk to the creator of the ELB Hunk app, Dritan, and he said this:

the app remains Hunk only because we
don¹t have an [official] S3 input yet.
In fact, when we do, there are
optimizations that [will be made].

View solution in original post

Reply
Solved! Jump to solution

jimdoplatform
Engager
‎10-16-2015 03:23 AM

Still not possible?

Reply
Solved! Jump to solution
Solution

khourihan_splun
Splunk Employee
Splunk Employee
‎05-09-2014 04:02 PM

No, the app will not work as expected in Splunk Cloud or Enterprise. Its written for Hunk, and will throw this error:

Error in 'ResultProvider': Permission denied. License does not allow execution of searches for virtual_index=elb, provider_family=hadoop

I did spend some time today re-working it to run on Splunk Cloud / Enterprise. In it, I have removed the inputs.conf and changed the sourcetype to be elb, not aws_elb.

This app assumes you have your s3: input working somehow and putting in the data as sourcetype=elb

You can get the modded version of it here.

I did talk to the creator of the ELB Hunk app, Dritan, and he said this:

the app remains Hunk only because we
don¹t have an [official] S3 input yet.
In fact, when we do, there are
optimizations that [will be made].

Reply
Solved! Jump to solution

kaufmanm
Communicator
‎05-22-2014 08:32 AM

This is great, I was thinking about going through and doing the same thing, thanks for sharing.

0 Karma
Reply
Get Updates on the Splunk Community!

.conf25 Community Recap

Hello Splunkers, And just like that, .conf25 is in the books! What an incredible few days — full of learning, ...

Splunk App Developers | .conf25 Recap & What’s Next

If you stopped by the Builder Bar at .conf25 this year, thank you! The retro tech beer garden vibes were ...

Congratulations to the 2025-2026 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...