Hi Folks,
Anyone out there Splunked their AWS config logs (Cloudwatch, AWS Config etc) without using the AWS app?
I have an eye watering amount of AWS logs that firehose into my on prem indexes. I don’t have the option of installing the app, but wondering if I could edit it to work against my existing index / source.
Failing that I guess I’ll go hunting and rex’ing.
Thoughts welcome. Thanks!
... View more