Overview

AWS Splunk Add-on is an integration that enables users to collect and index data from various AWS services into the Splunk platform. It provides a unified view of data in your AWS environment and allows for streamlined monitoring, troubleshooting, and security analysis.

Available Integrations

Why You Should Integrate

Importing Sevco asset data from AWS S3 into Splunk will allow you to generate reports, create dashboards, and leverage Splunk's search language to conduct complex queries and gain insights.

How Does the Integration Work

This integration pulls exported asset data from AWS S3 and imports it into Splunk. This process takes place after users have configured the Sevco AWS S3 integration.

Requirements

The following requirements must be met to configure this Integration:

• Sevco AWS S3 integration configured
• AWS Splunk Add-on integration installed

This data is only used internally; we do not share it with any parties outside of Sevco. Refer to our privacy policy for details.

⚠️

Please review the configuration instructions in the section below before setting up permissions for apps.

Configuration

1. Add your AWS account to Splunk

Follow these instructions for adding and managing AWS accounts in your instance of Splunk.

Splunk Add-on for AWS

2. Create a Custom Data Type Input: Follow these instructions for creating a Custom Data Type Input for S3.

External Documentation

Creating Credentials

See Sevco platform documentation for details on AWS – Creating Credentials.

Required Permissions

Sevco AWS S3

See Sevco platform documentation for details on AWS S3 – Required Permissions.

AWS Splunk Add-on

Required S3 permissions for allowing Splunk to consume S3 data

API Documentation

Contact Us

If you're having problems configuring an Integration, or if you've found something wrong in this document, please email us at [email protected] or suggest edits directly by selecting the Suggest Edits link located in the upper right hand corner of the documentation.

Tags: cloud