Splunk® Enterprise

Add AWS VPC Flow Log data: Single instance

Acrobat logo Download manual as PDF


Splunk Enterprise version 8.0 is no longer supported as of October 22, 2021. See the Splunk Software Support Policy for details. For information about upgrading to a supported version, see How to upgrade Splunk Enterprise.
This documentation does not apply to the most recent version of Splunk® Enterprise. For documentation on the most recent version, go to the latest release.
Acrobat logo Download topic as PDF

Configure data collection on your Splunk Enterprise instance

To get data from your data source into your Splunk Enterprise instance, configure a receiver and a forwarder. The receiver is your Splunk Enterprise instance. You install the forwarder on your data host to send data to the receiver.

Enable a receiver using Splunk Web

  1. Log into the receiver as an Admin.
  2. Click Settings, then Forwarding and receiving.
  3. For Configure receiving, click Add new.
  4. You can use the netstat tool to determine what ports are available on your system. Make sure that Splunk Web or splunkd is not using the port you select.
  5. Specify the TCP port you want to make the receiving port.
  6. Click Save. The Splunk software begins to receive incoming data on the port you specified.
  7. Restart the Splunk software.
Last modified on 09 June, 2023
PREVIOUS
Configure accounts for the Splunk Add-on for AWS
  NEXT
Configure inputs for the Splunk Add-on for AWS

This documentation applies to the following versions of Splunk® Enterprise: 7.2.0, 7.2.1, 7.2.2, 7.2.3, 7.2.4, 7.2.5, 7.2.6, 7.2.7, 7.2.8, 7.2.9, 7.2.10, 7.3.0, 7.3.1, 7.3.2, 7.3.3, 7.3.4, 7.3.5, 7.3.6, 7.3.7, 7.3.8, 7.3.9, 8.0.0, 8.0.1, 8.0.2, 8.0.3, 8.0.4, 8.0.5, 8.0.6, 8.0.7, 8.0.8, 8.0.9, 8.0.10


Was this documentation topic helpful?


You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters