Creating AWS security hub custom insights in Splunk



I have been using Splunk actively for three months. I have created custom insights in AWS security hub to monitor continuous compliance tasks. But, these are not setup to send alerts when there is a change in the number of failed resources. I understand it is possible to create these AWS insights in Splunk, and setup alerts when there is a change. How is this done? I imagine these would be standard searches that anyone can use.

Labels (1)
0 Karma
Get Updates on the Splunk Community!

Splunk Community Platform Survey

Hey Splunk Community, Starting today, the community platform may prompt you to participate in a survey. The ...

Observability Highlights | November 2022 Newsletter

 November 2022Observability CloudEnd Of Support Extension for SignalFx Smart AgentSplunk is extending the End ...

Avoid Certificate Expiry Issues in Splunk Enterprise with Certificate Assist

This blog post is part 2 of 4 of a series on Splunk Assist. Click the links below to see the other ...