Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Can Data Manager import Cloudwatch ECS Fargate logs?

nramella
Engager
‎12-04-2023 03:05 PM

I'm using current Cloud Splunk:

It appears the older "Splunk Add-on for AWS" can stream in Cloudwatch log-group data through Inputs > Custom Data Type > Cloudwatch Logs. This asks for a comma separated log-groups to feed of of and presumably setups up ingest for them.

Data Manager has a Cloudwatch Logs section,  but it appears to only cover

  • AWS Cloudtrail
  • AWS Security Hub
  • Amazon Guard Duty
  • IAM Access Analyzer
  • IAM Credential support
  • Metadata (EC2, IAM, Network ACLs, EC2 sec groups)

Am I just missing something in Data Manager, does it support ingesting Cloudwatch log-groups?

Should I use "Splunk Add-On for AWS"?

Should forgo both and instead use the splunk log driver with the container tasks as per https://repost.aws/knowledge-center/ecs-task-fargate-splunk-log-driver (posted a year ago)

Thank you!

Labels (1)
Labels
0 Karma
Reply
Get Updates on the Splunk Community!

Monitoring Postgres with OpenTelemetry

Behind every business-critical application, you’ll find databases. These behind-the-scenes stores power ...

Mastering Synthetic Browser Testing: Pro Tips to Keep Your Web App Running Smoothly

To start, if you're new to synthetic monitoring, I recommend exploring this synthetic monitoring overview. In ...

Splunk Edge Processor | Popular Use Cases to Get Started with Edge Processor

Splunk Edge Processor offers more efficient, flexible data transformation – helping you reduce noise, control ...