Alerting
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

how to filter alert from AWS Cloud watch and send it to splunk?

swethaJ
New Member
‎03-10-2016 02:34 AM

We have many applications in our environment. All those logs are monitored by cloud watch. Is there any way that alerts data can be sent from AWS Cloud watch to Splunk?

Tags (1)
0 Karma
Reply

swethaJ
New Member
‎03-15-2016 12:31 AM

Thank you for your response.
We have SNOW version older version which Splunk doesn't support for integrating. For this reason, we integrated cloud watch with SNOW to perform alert actions.
Now, can we send only performance data and other logs from cloud watch to Splunk ? rather than sending alert, which as you told not required.

0 Karma
Reply

pgreer_splunk
Splunk Employee
Splunk Employee
‎03-10-2016 09:33 AM

Here's a start on documentation on the Splunk Add On for AWS:

http://docs.splunk.com/Documentation/AddOns/latest/AWS/ConfigureInputs

Specific to CloudWatch: http://docs.splunk.com/Documentation/AddOns/released/AWS/CloudWatch

To have the add-on installed in your cloud instance, you'll need to open a ticket with Splunk Support.

0 Karma
Reply

pgreer_splunk
Splunk Employee
Splunk Employee
‎03-10-2016 09:42 AM

Apologies, meant to state as well that sending an alert to Splunk and having it action on it could be possible by sending data (via a script, or file, or TCP/UDP flow) to Splunk, then having an alert in Splunk action on the (AWS Cloudwatch alert) data being sent it. But I needed to ask, what is the underlying business/technical reason you would wish to have an alert from AWS Cloudwatch be actioned on by Splunk? Splunk could instead simply ingest the data from AWS Cloudwatch and perform the alerting for you itself.

0 Karma
Reply

swethaJ
New Member
‎03-15-2016 12:39 AM

Thank you for your response.
We have SNOW older version, which couldn't be integrated with Splunk. and so done it with cloud watch to create alarms.
Now can performance data and other log data be sent to Splunk from cloud watch? with out any alert information?

0 Karma
Reply
Get Updates on the Splunk Community!

Announcing Scheduled Export GA for Dashboard Studio

We're excited to announce the general availability of Scheduled Export for Dashboard Studio. Starting in ...

Extending Observability Content to Splunk Cloud

Watch Now!   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to leverage ...

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!

What if there was a way you could keep all the metrics data you need while saving on storage costs?This is now ...