Splunk® App for AWS (Legacy)

Installation and Configuration Manual

On July 15, 2022, the Splunk App for AWS will reach its end of life (EOL). After this date, Splunk will no longer maintain or develop this product. Splunk App for AWS is used for both IT monitoring and security use cases because it provides dashboards for both ITOps and security teams. The IT monitoring functionality in Splunk App for AWS is migrating to a content pack in Data Integrations called the Content Pack for Amazon Web Services Dashboards and Reports. The security use case functionality in Splunk App for AWS is migrating to the new Splunk App for AWS Security Dashboards. For more about migration options, see this community post.
This documentation does not apply to the most recent version of Splunk® App for AWS (Legacy). For documentation on the most recent version, go to the latest release.

About the Splunk App for AWS

The Splunk App for AWS gives you critical operational and security insight into your Amazon Web Services account.

The app includes:

  • A pre-built knowledge base of dashboards, reports, and alerts that deliver real-time visibility into your environment.
  • Easy-to-configure data inputs for your Config, CloudTrail, CloudWatch, VPC Flow Logs, Billing, and S3 data.
  • A logical topology dashboard that displays your entire AWS infrastructure to help you optimize resources and detect problems.
  • CIM-compliant fields and tags so that you can integrate your AWS data with your other infrastructure and security data sources.

If you are a Splunk software admin, get the app on Splunkbase and proceed through this manual for detailed installation and configuration instructions.

If you are a Splunk software user, check out the user guide to get familiar with the dashboards.

Access the release notes for a list of new features and known issues in the current release.

Last modified on 25 February, 2016
  What data the Splunk App for AWS collects

This documentation applies to the following versions of Splunk® App for AWS (Legacy): 4.0.0, 4.1.0


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters