How can we integrate AWS logs to SPLUNK on-premise solution (Data center)?
We are hosted some of the NON-CRITICAL aplications in AWS and Azure cloud platforms.
We are using on-premise SPLUNK solution. We want to integrate AWS and Azure logs to ON-PREMISE SPLUNK ENTERPRISE SECURITY SIEM
Could you please help us?
Hi @rmanuraju,
Integration with AWS environment can be done using those two apps.
The first one allows you to collect all AWS data :
https://splunkbase.splunk.com/app/1876/
The second is used for visualization, dashboards and reports :
https://splunkbase.splunk.com/app/1274/
The documentation for on prem installation can be found here :
https://docs.splunk.com/Documentation/AWS/5.2.0/Installation/Installon-prem
Let me know if you have any other questions. Happy to help!
Cheers,
David