Has anyone managed to get the S3-Data Event Dashboard working ? I have all the other Dashboards, Searches and Alerts functioning great.
If yes - let me know what magical incantations I require ....
Splunk 6.5.1 ( CentOS )
Splunk App for AWS 5.0
To enable "S3 data Event Dashboard", you need to enable it in your cloudtrail policy. It's new feature in AWS re.event.
View solution in original post
Thanks . Willing to bet I am not the only one with this issue 😉
Works great !~ Thanks