Re: AWS Config data in Splunk

amitshrigoel · ‎01-09-2025

I am trying to query AWS config data in Splunk to identify the names of all S3 buckets in AWS. Is there a way to write a SPL that will list out the S3 bucket names from t

ezamit · ‎01-13-2025

I have attached the raw data to the post. I am trying the following query to identify the ResourceTypes and the count but it is not giving me any results :

index=app_shared source=aws.config | stats count by resourceType | table resourceType

I think we can also narrow down to only - "detail-type": "Config Configuration Item Change"

PaulPanther · ‎01-10-2025

Please provide sample data to help you with the search query

ezamit · ‎01-13-2025

I have attached the raw data to the post. I am trying the following query to identify the ResourceTypes and the count but it is not giving me any results :

index=app_shared source=aws.config | stats count by resourceType | table resourceType

I think we can also narrow down to only - "detail-type": "Config Configuration Item Change"

AWS Config data in Splunk

AI for AppInspect

App Platform's 2025 Year in Review: A Year of Innovation, Growth, and Community

Operationalizing Entity Risk Score with Enterprise Security 8.3+

Join the Conversation

AWS Config data in Splunk

AI for AppInspect

App Platform's 2025 Year in Review: A Year of Innovation, Growth, and Community

Operationalizing Entity Risk Score with Enterprise Security 8.3+