Introduction to the Splunk Add-on for Amazon Web Services
|Supported vendor products||Amazon Web Services CloudTrail, CloudWatch, CloudWatch Logs, Config, Config Rules, EventBridge (CloudWatch API), Inspector, Kinesis, S3, VPC Flow Log, Billing services, Amazon Security Lake, SQS, SNS, AWS Identity and Access Management (IAM) Access Analyzer, and AWS Security Hub findings events|
|CIM-compliant vendor products||AWS CloudTrail, AWS CloudWatch, AWS Config and AWS Config Rules, Amazon Inspector, Amazon Virtual Private Cloud, AWS Security Hub findings events|
|Add-on has a web UI||Yes. This add-on contains views for configuration.|
Use the Splunk Add-on for Amazon Web Services (AWS) to collect performance, billing, raw or JSON data, and IT and security data on Amazon Web Service products using either a push-based (Amazon Kinesis Firehose) or pull-based (API) collection method.
This add-on provides modular inputs and CIM-compatible knowledge to use with other Splunk apps, such as the Splunk App for AWS, Splunk Enterprise Security, and Splunk IT Service Intelligence.
See Use cases for the Splunk Add-on for AWS for more information.
See Release notes for the Splunk Add-on for AWS for a summary of new features, fixed issues, and known issues.
See Questions related to Splunk Add-on for Amazon Web Services on the Splunk Community page.
Use cases for the Splunk Add-on for AWS
This documentation applies to the following versions of Splunk® Supported Add-ons: released