Hello, I'm trying to configuretheCloudTrail and CloudWatch data inputs to collect AWS logs forSplunk. When I select a region that I think is correct, there is no log data coming into Splunk. W...
Hi, I'm trying to configure "custom Data Type" > SQS input in Splunkadd-onforAWS app to onboard data from an AWS account. is it possible to create the SQS input using IAM role instead of a...
Hi - I am trying to get theSplunk App forAWS Security Dashboards working. Apparently the default index the app is using is "main". I need to change this. I know I could c...
I am trying to set up SplunkAdd-onforAWS to pull my logs from my AWS account into splunk. I have a Splunk Enterprise setup on prem in an AWS EC2 server. I used theSplunk Enterprise AMI. I have a...
Curious onthe instructions to Deploy theAWSSplunk App in a clustered environment? We have 1 Master, 1 Searchhead, 2 Indexers, 2 forwarders. I dont think i missed it, but I did not see best p...
What's the best practice to get AWS data, such as VPC Flow, CloudWatch, CloudTrail, into theSplunk platform at scale? The modular inputs in theSplunkAdd-onfor Amazon Web Services are not s...
...rchitecture.
Configure secure and fully automated extraction of data logs for import and analysis with your SIEM platform
S3-compatible API. The log extraction service uses Amazon Simple Storage S...
...instance. There is an awsSplunkadd-in splunkbase , are we able to use this add-on to pull data from a third-party aws account , if so how is it authenticated against third-party account? P...
I'm using current Cloud Splunk: It appears the older "SplunkAdd-onforAWS" can stream in Cloudwatch log-group data through Inputs > Custom Data Type > Cloudwatch Logs. This asks for a c...