Docs » Connect to your cloud service provider » Connect AWS to Splunk Observability Cloud » Connect to AWS via polling from the Splunk console

Connect to AWS via polling from the Splunk console 🔗

If you have Administrator privileges for Splunk Observability Cloud and your Amazon Web Services (AWS) account, you can use the UI guided setup to create an integration to connect to AWS, and configure metric collection.

Before you start 🔗

Before you proceed, check AWS authentication, permissions, and supported regions and Connect AWS to Splunk Observability Cloud for information on data collection intervals and costs.

For alternative connection methods, see:

Use the UI guided setup to connect to AWS 🔗

To access the guided setup for the AWS integration, perform the following steps:

  1. Log in to Splunk Observability Cloud.

  2. Open the Amazon Web Services guided setup . Optionally, you can navigate to the guided setup on your own:

  • On the navigation menu, select Data Management.

  • Go to the Available integrations tab, or select Add Integration in the Deployed integrations tab.

  • Select the tile for Amazon Web Services.

Next, follow the steps provided in the guided setup:

Define your AWS connection 🔗

In this step you need to choose the following connection options:

In the CloudWatch Metrics option, select Polling as the ingestion method, and set up the polling rate at which you want Splunk Observability Cloud to poll CloudWatch for metric data.


To collect logs, see Send AWS logs to Splunk Platform.

Set up the polling rate 🔗

The polling rate is expressed in seconds, with 60 (1 minute) as the minimum value, and 600 (10 minutes) as the maximum value.

For example, a value of 300 polls metrics once every 5 minutes.

Prepare your AWS account 🔗

In this step, switch to your AWS Console to prepare for authentication.

On this screen, Splunk Observability Cloud gives you the AWS IAM policy JSON snippet, your Splunk Observability Cloud account ID and your External ID, which you’ll need to define your authenticaton policies in the console.

See more details in Authenticate in AWS using an External ID (recommended).

Establish the connection 🔗

Finally, proceed with the last steps:

  • Complete your authentication configuration as prompted.

  • Select your data sources:

    • AWS Regions

    • Built-in and custom services.


Select All built-in services to import all data from built-in CloudWatch namespaces and ensure that built-in dashboards display automatically.

Review the default settings 🔗

After creating an AWS IAM policy and assigning it to a particular role through the guided setup you can modify your configuration.

Modify the scope of data collection 🔗

By default, Splunk Observability Cloud brings in data from all supported AWS services associated with your account, with certain limitations.

Use the check box options in the guided setup to limit the scope of your data collection. These are the available options:

  • Collect Amazon Cost and Usage Metrics.

  • Ingest CloudWatch Metrics. You can deactivate it altogether, or deactivate the polling but activate AWS Metric Streams instead.

  • Select which AWS regions to fetch data from.

  • Select which AWS services to fetch data from.

To limit data collection, you can also:

  • Manage the amount of data to import. See Control the data and metadata to import.

  • In the Data Management menu in Splunk Observability Cloud, edit any integration to limit data import.

  • Use the AWS console to revise the contents of the Action and Resource fields.

Select a CloudFormation template 🔗

Select a CloudFormation template to collect Metric Streams for each AWS region that you want to operate in.

Next steps 🔗

After you connect Splunk Observability Cloud with AWS, you can use Splunk Observability Cloud to track a series of metrics and analyze your AWS data in real time.

This page was last updated on Jun 12, 2024.