Configure Splunk Enterprise to work with Amazon Kinesis Firehose
Indexers in AWS VPC
Indexers in Splunk Enterprise
If you have not placed your indexers in an AWS Virtual Private Cloud, but the indexers are accessible from AWS Firehose via public IPs, install a CA-signed SSL certificate on each indexer, then send data directly to your indexers.
Prepare your indexers before you proceed:
- Install a CA-signed SSL certificate on each indexer.
- Create a DNS name that resolves to the set of indexers that you plan to use to collect data from Amazon Kinesis Firehose. You will need this DNS name in a later step.
For more information about SSL, see the Additional resources topic at the end of this manual.
Configure Amazon Web Services to collect data
Install the Splunk Add-on for Amazon Kinesis Firehose
This documentation applies to the following versions of Splunk® Enterprise: 7.2.0, 7.2.1, 7.2.2, 7.2.3, 7.2.4, 7.2.5, 7.2.6, 7.2.7, 7.2.8, 7.3.0, 7.3.1, 7.3.2