All Apps and Add-ons

Identity source account from centralized AWS Kinesis stream


We have a centalized Kinesis stream to ingest AWS Cloudwatch log groups from multiple AWS accounts with this setup

The source showing up in Splunk in this case is the centralized account, and not from the origin source. Anyone has suggestion how the origin source AWS account can also be sent to Splunk?  

Labels (1)
Tags (1)
0 Karma
Get Updates on the Splunk Community!

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

Using the Splunk Threat Research Team’s Latest Security Content

REGISTER HERE Tech Talk | Security Edition Did you know the Splunk Threat Research Team regularly releases ...

SplunkTrust | 2024 SplunkTrust Application Period is Open!

It's that time again, folks! That's right, the application/nomination period for the 2024 SplunkTrust is ...