Leverage data from your integration with AWS 🔗
You can use Splunk tooling to monitor, collect, process, and send AWS data after you integrate your AWS with Splunk Observability Cloud. See Monitor Amazon Web Services.
By default, Splunk Observability Cloud will bring in data from all supported AWS services associated with your account, with certain limitations. To manage the amount of data to import, see Control the data and metadata to import.
Verify your metrics collection method 🔗
You can use either Splunk Observability Cloud or your AWS CloudWatch console to confirm whether your metrics are collected by polling or by CloudWatch metric streams:
In Splunk Observability Cloud: Use the Plot Editor for Splunk Infrastructure Monitoring to select the org metric
sf.org.num.awsServiceCallCountand filter by the
methodproperty using check boxes to select the following values:
In the AWS CloudWatch console, go to All, then Usage. Select By AWS resource, then CallCount, open the
CallCountmetric and select the following CloudWatch service resources values
Explore your AWS inventory and data 🔗
Review your AWS inventory in Splunk Observability Cloud. To learn about the data model of Splunk Observability Cloud, see Data types in Splunk Observability Cloud.
Locate your metrics 🔗
In the Data Management section, select AWS from the Deployed Integrations list, then select your AWS integration to access the Data Summary. Note that depending on how you retrieve metrics (polling or Metric Streams), the Summary UI is different, and org metrics also differ.
Use the Metric Finder on the left nav menu to get a list of categories you can browse, drawn from your integrations or custom categories, if configured. See Metric Finder for details.
Go to Settings, then select Metric Metadata to acccess the Metadata Catalog. Use it to find metadata associated with the metrics you send to Splunk Infrastructure Monitoring. See Use the Metadata Catalog for details.
Use the Infrastructure Monitoring navigators to explore the collection of technologies used to build, run, and deploy applications in your data ecosystem. See Use navigators in Splunk Infrastructure Monitoring for more information.
See your logs 🔗
If you have access to Splunk Log Observer and selected the CloudWatch Logs option during configuration, you can review detailed log information.
Splunk Log Observer is no longer available for new users. You can continue to use Log Observer if you already have an entitlement.
In the Data Management section, select AWS from the Deployed Integrations list, then select your AWS integration to access the Data Summary. Select the tab and click Explore Log Events to view more details using Splunk Log Observer.
For more information, see Introduction to Splunk Log Observer.
Create detectors and alerts 🔗
You can create detectors and alerts based on your AWS data.
Detectors define rules for identifying conditions of interest and the notifications to send when those conditions occur or stop occurring.
Alerts indicate that incoming data has triggered one of your detectors.
See Introduction to alerts and detectors in Splunk Observability Cloud for details.
Expand your data collection 🔗
Splunk Observability Cloud uses OpenTelemetry to support efficient instrumentation so that you can see your metrics, traces, and logs.
If you haven’t already done so, you can install the Splunk Distribution of OpenTelemetry Collector to collect, process, and send data. See Install the Splunk Distribution of OpenTelemetry Collector for details.
You can also set up Splunk APM Splunk APM to monitor traces from your applications, provided you’ve already installed the Splunk Distribution of OpenTelemetry Collector. See Introduction to Splunk APM for details.