Hi Splunkers,
I have a request for our environment: I have to send AWS logs to our Splunk, which is a Cloud one.
Googling, I found some very useful guides for different types of logs, such as the ones of a specific EC2 instance, for example all the logs of /var/logs of a Linux VM.
What I was not able to find is how to send the AWS Hypervisor logs to Splunk; when I say Hypervisor logs I mean all the ones related to VM, and so EC2 instances, management.
For example, I want to be able to see on Splunk if some admin has created, deleted, stopped or started an EC2 instance, either a new one or an existing one. Are there some config docs/guides I can use?