Splunk® Supported Add-ons

Splunk Add-on for AWS

Download manual as PDF

Download topic as PDF

Release notes for the Splunk Add-on for AWS

Version 4.6.1 of the Splunk Add-on for Amazon Web Services was released on December 10, 2019.

Compatibility

Version 4.6.1 of the Splunk Add-on for Amazon Web Services is compatible with the following software, CIM versions, and platforms:

Splunk platform versions 6.5 and later
CIM 4.3 and later
Supported OS for data collection Platform independent
Vendor products Amazon Web Services CloudTrail, CloudWatch, CloudWatch Logs, Config, Config Rules, Inspector, Kinesis, S3, VPC Flow Logs, Billing services, SQS, and SNS.

New features

Version 4.6.1 of the Splunk Add-on for AWS version contains the following new and changed features:

  • FIPS compliance
  • Updated third party components

Fixed issues

Version 4.6.1 of the Splunk Add-on for Amazon Web Services fixes the following issues. If no issues appear below, no issues have yet been fixed.


Known issues

Version 4.6.1 of the Splunk Add-on for Amazon Web Services has the following known issues. If no issues appear below, no issues have yet been reported.


Third-party software attributions

Version 4.6.1 of the Splunk Add-on for Amazon Web Services incorporates the following third-party libraries.

PREVIOUS
Source types for the Splunk Add-on for AWS
  NEXT
Release history for the Splunk Add-on for AWS

This documentation applies to the following versions of Splunk® Supported Add-ons: released


Comments

Hi Shawn,
Thanks for providing feedback on this issue. I have forwarded your suggestion, as well as your workaround to our engineering team for review for future releases.

Mglauser splunk, Splunker
October 4, 2018

AWS now provides an option for VPCFlow Logs to go to S3. I have modified the props and tranforms configuration to ingest SQS S3 and ignore the header and created sourcetype modeled after the existing aws:cloudwatch:vpcflow to create a sourcetype aws:s3:vpcflow input and it works as intended. This may be beneficial to include by default on the next release for those larger enterprise customers who may centralize VPCFlows from multiple accounts into a centralized AWS logging account.
https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs-s3.html

ShawnWarner7
October 3, 2018

Is there any plan to add support for elbv2 API ? i.e. Application Load Balancers. It would be awesome if the description input would include it along with other stuff.

Kud360
November 2, 2016

Was this documentation topic helpful?

Enter your email address, and someone from the documentation team will respond to you:

Please provide your comments here. Ask a question or make a suggestion.

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters