Splunk® App for AWS

Installation and Configuration Manual

Acrobat logo Download manual as PDF


On July 15, 2022, the Splunk App for AWS will reach its end of life. After this date, Splunk will no longer maintain or develop this product. The functionality in this app is migrating to a content pack in Data Integrations. Learn about the Content Pack for Amazon Web Services Dashboards and Reports.
This documentation does not apply to the most recent version of AWS. Click here for the latest version.
Acrobat logo Download topic as PDF

What data the Splunk App for AWS collects

The Splunk App for AWS can collect the following data from your AWS environment. Access this data by configuring the inputs, then exploring the relevant dashboards. For more information about which dashboards these inputs support, see "Inputs overview for the Splunk App for AWS".

You can also search for data using the associated source type. When possible, the Splunk App for AWS tags the data for compliance with the Splunk Common Information Model, making it easy to integrate data from your AWS environment with your other security and infrastructure data in the Splunk platform using your own custom dashboards or those provided by other Splunk apps.

AWS data source Description Source type CIM compliance
Config Configuration snapshots and historical configuration data from the AWS Config service. aws:config Change Analysis
Configuration change notifications from the AWS Config service. aws:config:notification Change Analysis
Metadata Descriptions of your AWS resources, used to improve dashboard readability. aws:description None
CloudTrail Management and change events from the AWS CloudTrail service. aws:cloudtrail Change Analysis
VPC Flow Logs VPC flow logs from the CloudWatch Logs service. aws:cloudwatchlogs:vpcflow Network Traffic
CloudWatch Performance and billing metrics from the AWS CloudWatch service. aws:cloudwatch Performance, Databases
Billing Monthly cost allocation reports and Detailed reports with resources and tags that you have configured in AWS. aws:billing None
S3 Generic log data from your S3 buckets. aws:s3 None
Last modified on 21 January, 2016
PREVIOUS
About the Splunk App for AWS
  NEXT
Hardware and software requirements for the Splunk App for AWS

This documentation applies to the following versions of Splunk® App for AWS: 4.0.0


Was this documentation topic helpful?

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters