Splunk App for AWS

Ensure adherence to security and compliance standards, and gain visibility into AWS billing and usage, with the Splunk App for AWS.

The Splunk App for AWS integrates with AWS CloudTrail and offers a pre-built knowledge base of critical dashboards and reports. Using the Splunk App for AWS, you can gather important insights into security-related activity such as unauthorized access attempts, simultaneous logins from geographically disparate locations, and frequent changes to access control privileges. You can ensure security and compliance with continuous monitoring and a full audit trail of user activity.

The Splunk App for AWS also consumes critical billing and account information from S3, enabling you to monitor AWS spend and optimize resource allocation.

Also, to get Splunk Enterprise as an AWS-based service, check out Splunk Cloud. To deploy Splunk in AWS yourself, find the Splunk Enterprise AMI in the AWS Marketplace.

Release Notes

What's new in this version :

AWS CloudTrail :

  • Modular input for collection from AWS CloudTrail
  • Dashboards for collection from AWS CloudTrail

AWS Billing & Usage :

  • Spot instances usage tracking
  • EBS Volumes usage analysis
  • EBS Snapshots usage analysis

CloudTrail section of Splunk App for AWS allows you to identify/analyze all activities happen within your AWS environment and this way it gives in-depth visibility and rapid insights into your AWS administration and account activity. Billing & Usage section helps you to collect reserved/un-reserved instances data and Billing data from which in-depth analysis of usage patterns and spending becomes available for Amazon EC2 environment. This analysis not only helps to optimized usage of Amazon EC2 environment but also gives baseline calculations and month-over-month comparison of spending.

There are two docs available under the app folder.

README.txt - to configure Billing and usage section

USAGE.txt - to configure CloudTrail section


Billing Analysis

  • Spending Trends by Subaccounts
  • Billing Projections
  • Month-over-Month Billing Comparision
  • Spending Alerts based on user-specified Spend-limit

Instance Usage Analysis

  • On-demand Instances usage Analysis
  • Reserved instances usage Analysis
  • Un-used Reserved Instances at any hour
  • Instance usage Analysis by instance-type, availability zones, tags & sub-accounts
  • Baseline calculations and recommendations

10 ratings

Community Supported

This app is published by Splunk but is not officially Splunk supported.

Ask a Question

Built by Splunk Inc