Hi, I'm trying to configure "custom Data Type" > SQS input in Splunkadd-onforAWS app to onboard data from an AWS account. is it possible to create the SQS input using IAM role instead of a...
I am trying to set up SplunkAdd-onforAWS to pull my logs from my AWS account into splunk. I have a Splunk Enterprise setup on prem in an AWS EC2 server. I used theSplunk Enterprise AMI. I have a...
...ay to configuretheadd-on to pull the logs from this s3 bucket... there are so many input options but we tried S3 Inputs/Access Logs/Generic S3 with the account and role...
Hello I am collecting data via AWSaddon and what I have found is that my timestamp recognition isn't working properly. I have a single AWSinput using the [aws:s3:csv] sourcetype. this the...
Curious onthe instructions to Deploy theAWSSplunk App in a clustered environment? We have 1 Master, 1 Searchhead, 2 Indexers, 2 forwarders. I dont think i missed it, but I did not see best p...
Hi SPLUNK gurus: We have enterprise cloud splunk. I am doing an upgrade to theawsaddon: Splunk copies n backups our configuration into a 7 day rotational backup: I was w...
Hi - I am trying to get theSplunk App forAWS Security Dashboards working. Apparently the default index the app is using is "main". I need to change this. I know I could c...
...instance. There is an awsSplunkadd-in splunkbase , are we able to use this add-on to pull data from a third-party aws account , if so how is it authenticated against third-party account? P...
...rchitecture.
Configure secure and fully automated extraction of data logs for import and analysis with your SIEM platform
S3-compatible API. The log extraction service uses Amazon Simple Storage S...