Splunk® App for AWS Security Dashboards

Installation and Configuration Manual

Installing the app on Splunk Cloud Platform

If you are an existing user of Splunk App for AWS and plan to migrate to Splunk App for AWS Security Dashboards, See Migrate from Splunk App for AWS to the Splunk App for AWS Security Dashboards

The Splunk App for AWS Security Dashboards might already be installed on your Splunk Cloud Platform instance. Follow the instructions below to verify whether you have it installed, upgrade or obtain the files you need, or find out how to get assistance from support to install or upgrade.

Use the instructions in the section that matches the type of Splunk Cloud Platform deployment you have:

If you don't know whether you are on a managed or self-service Splunk Cloud Platform, see Splunk Cloud Platform deployment types.

Install on self-service Splunk Cloud Platform

  1. In Splunk Cloud Platform, click the Splunk > icon in the upper left to go to the home screen.
  2. Click the gear icon next to Apps at the top of the navigation bar to open the Manage Apps page.
  3. Look for the Splunk App for AWS Security Dashboards in your list of installed apps. The latest version has the folder name splunk_app_aws_security and the version number 1.0.0.
    1. If you do not see any app with this folder name listed, go to Step 4.
    2. If you see this version, click Enable under the Status column if it is not already enabled. Go step 6.
  4. If you do not have a supported version of the Splunk App for AWS Security Dashboards in your app list, click Browse more apps.
  5. In the search bar, enter AWS.
    1. Look for Splunk App for AWS Security Dashboards in the results.
    2. Click Install.
    3. Follow the wizard to install the app.
  6. Check to see if Splunk Add-on for AWS appears in the app list on your Manage Apps page. This add-on has the folder name Splunk_TA_aws. You need both the app and the add-on installed. If the add-on appears in the list, check the version number.
    1. If you do not have the Splunk Add-on for AWS listed, go to Step 7.
    2. If the version number is 5.0.4 or later, you have a supported version. If the add-on is disabled, click Enable under the Status column to enable it.
    3. If the version number is anything less than 5.0.4, click Upgrade. Follow the wizard to install the latest version.
  7. If you have verified that you do not currently have the Splunk Add-on for AWS in your app list, click Browse more apps.
  8. In the search bar, enter AWS.
    1. Look for Splunk Add-on for AWS in the results.
    2. Click Install.
    3. Follow the wizard to install the add-on.

After you install the app and add-on, create indexes the app uses to report on preconfigured saved searches. For more information, see Create indexes and schedule saved searches.

Install on managed Splunk Cloud Platform

If the app isn't installed, file a ticket on the Splunk Support Portal, see Support and Services. Splunk Cloud TechOps will install the correct version of the app and its dependencies, and assist you with any migration tasks, if they are necessary.

Last modified on 14 August, 2024
System requirements for the Splunk App for AWS Security Dashboards   Installing the app on Splunk Enterprise

This documentation applies to the following versions of Splunk® App for AWS Security Dashboards: 1.1.1, 1.1.2


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters