Tech Brief
SPLUNK® AND AMAZON WEB SERVICES (AWS)

 Real-time visibility across your entire AWS and IT environment

 When it comes to the cloud, you can’t secure, operate or manage costs for what you can’t see. As more of your critical workloads move to AWS, you need end-to-end visibility to: 

  • Ensure AWS deployments meet or exceed security and compliance standards

  • Guarantee AWS-based applications and services meet defined SLAs

  • Gain critical security, operational and cost management insights across your entire AWS environment

 Splunk solutions make it easy to gain end-to-end visibility across your AWS and hybrid environment. Deploy as software (Splunk Enterprise) or as a cloud service (Splunk Cloud) to gain a complete view of your cloud, applications and services. Leverage the free Splunk App for AWS (available on Splunk Enterprise, Splunk Cloud and Splunk Insights in AWS Marketplace) to gain critical security, operational and cost optimization insights into your AWS deployment. 

Splunk’s Portfolio of Cloud Solutions Includes:

  • Splunk App for AWS: Collects and analyzes data from over 15 AWS data sources (including AWS CloudTrail, AWS Config, Amazon Virtual Private Cloud Flow Logs, Amazon Inspector, Amazon Kinesis Data Firehose, AWS Billing and Cost Management and more) to deliver security, operational and cost management insights via pre-built dashboards, reports and alerts

  • Splunk Enterprise on AWS: Turn data into answers with Splunk as self-deployed software on AWS

  • Splunk Cloud: Delivers the benefits of Splunk Enterprise as a cloud service

  • Splunk Insights for AWS Cloud Monitoring in AWS Marketplace: Provides teams withend-to-end security, operational and cost-management insights, with a pay-as-you-go option

  • Splunk Phantom AMI in AWS Marketplace: Integrate your team, processes, and existingtools together to support a broad range of SOC functions including playbook automation, infrastructure orchestration, event and case management, collaboration, and reporting.

  • Splunk Insights for Infrastructure PAYG (SII) in AWS Marketplace: An analytics solution that provides a seamless experience for infrastructure monitoring and troubleshooting.

  • AWS Quick Start for Splunk: Accelerates deployment of Splunk software on AWS

  • Innovative Technology: Delivers collection, visualization and analysis for AWS Lambda, Amazon Kinesis Data Firehose, AWS IoT, Amazon Elastic Container Service (ECS) and Amazon EMR
The Splunk App for AWS succeeded in providing us an effortless click-through experience in configuring and monitoring all our AWS logs. Using the Splunk App for AWS we are able to visualize and represent our data in a way that makes sense to developers, system administrators and security professionals in one easy to manage interface..
Nathan J Gibson,
Product Privacy and Security Lead, ADT
 

Gain End-to-End AWS Visibility

The Splunk App for AWS offers a rich set of pre-built dashboards and reports to analyze and visualize data from numerous AWS services—including AWS CloudTrail, AWS Config, AWS Config Rules, Amazon Inspector, Amazon RDS, Amazon CloudWatch, Amazon VPC Flow Logs, Amazon S3, Amazon ECS, Amazon CloudFront, Amazon EBS, Amazon ELB and AWS Billing—all from a single, free app. 

With the app you can: 

  • Ensure security and compliance with a full audit trail

  • Gather critical security insights across AWS audit activity, unauthorized users, key-pair and security group violations, AWS instance changes and more

  • Visually manage your entire AWS environment through a graphical and interactive AWS Topology overview (see Figure 2)

  • Leverage machine learning for insights, recommendations and anomaly detection across security and billing data

  • Manage AWS cost in real time with an in-depth view of used/unused resource cost, cost by account and cost by service

The Splunk App for AWS is available on Splunk Enterprise, Splunk Cloud and on Splunk Insights for AWS Cloud Monitoring in AWS Marketplace.

 

Use Splunk as a Cloud Service 

Splunk Cloud 

Splunk Cloud is an AWS-based service that delivers the benefits of Splunk Enterprise with the flexibility of a cloud service. Using Splunk Cloud, you can search, analyze and visualize data from applications and devices across your entire environment, including AWS, on-premises data centers and any other public/private cloud environments. 

Splunk Cloud meets the highest levels of security and reliability, having completed SOC2 Type 2 attestation and ISO 27001 certification.

Splunk Cloud is available in over 10 AWS Regions globally, including AWS GovCloud (US).

Splunk Insights for AWS Cloud Monitoring 

Splunk Insights for AWS Cloud Monitoring provides teams with end-to-end visibility into their AWS infrastructure from the critical point of workload migration to long after their deployment on AWS. The AMI (Amazon Machine Image) can be deployed via AWS Marketplace and can correlate hybrid environments to remove blind spots from your cloud journey.

Deploy Splunk Enterprise on AWS 

If you prefer to deploy and manage software rather than a cloud service, Splunk Enterprise is perfect for deploying on AWS. It’s self-contained and can be easily deployed on any Amazon Elastic Compute Cloud (EC2) instance. Splunk Enterprise also scales horizontally, making it ideal for an AWS deployment.

 

Accelerate Deployment With Splunk Amazon Machine Images (AMIs) 

Splunk offers AMIs to enable you to rapidly deploy standardized, preconfigured instances on Amazon EC2. Using a Splunk AMI, you can gain access to Splunk solutions with just a few clicks. 

AMIs are available on the AWS Marketplace for Splunk Enterprise and Splunk Insights for AWS Cloud Monitoring

Leverage Splunk Technology for AWS

Collect and monitor data from various AWS sources in real time. 

AWS Lambda

Splunk provides a built-in AWS Lambda Node.js blueprint for HTTP Event Collector that makes it easy to start sending events from AWS Lambda to HTTP Event Collector running on Splunk Cloud or Splunk Enterprise.

Customers love having the agility of AWS with the end-to-end visibility of Splunk.
Andy Jassy,
CEO, AWS

 

Joint customers can instrument their usage of the cloud and easily see what’s being created when and how quickly.
Doug Merritt,
CEO, Splunk

Amazon Kinesis Data Firehose 

Easily stream and transform data from Amazon Kinesis Data Firehose to Splunk Enterprise or Splunk Cloud. Use Splunk to capture, analyze and gain real-time insights into your AWS Services. Splunk provides knowledge management to data ingested from Amazon Kinesis Data Firehose to use with Splunk solutions and apps such as the Splunk App for AWS and Splunk Enterprise Security.

AWS IoT

Quickly ingest, search, visualize and perform advanced analytics on massive real-time and historical data provided by the AWS IoT Service.

 

Amazon Elastic Container Service (Amazon ECS)

Customers running containers on Amazon ECS receive all the benefits of the Splunk Connect for Docker, including better data classification and searching, support for flexible RBAC, and easy and scalable data collection.

Amazon Elastic Container Service for Kubernetes (Amazon EKS) 

Amazon EKS makes it easy to deploy, manage, and scale containers using Kubernetes. Splunk Connect for Kubernetes complements Amazon EKS by enabling you to easily capture container and cluster logs, events, and metrics, allowing for more monitoring and insight into your Kubernetes deployment.

Amazon EMR

Easily build a Splunk Analytics for Hadoop environment running on Amazon EMR.

Amazon GuardDuty 

Streamline ingestion of Amazon GuardDuty security findings from across regions and accounts into the Splunk platform for further analysis. By aggregating and analyzing findings of Amazon GuardDuty, Splunk can provide security teams additional context for early detection, rapid investigations and remediation of potential threats.

AWS Credentials and Integrations

  • AWS Advanced Technology partner

  • AWS Security competency

  • AWS Data and Analytics competency

  • AWS Cloud Management Tools competency

  • AWS Container competency

  • AWS DevOps competency

  • AWS Education competency

  • AWS Government competency

  • AWS IoT competency

  • AWS MSP Technology provider

  • AWS Marketplace partner

  • AWS Security Automation & Orchestration partner

  • AWS SaaS Program partner

  • AWS GovCloud (US) Skill partner

Global Customer Success

Adobe: Ensuring security and compliance across a globally distributed, large-scale AWS deployment

Autodesk: Saving hundreds of thousands of dollars in capital costs, time and labor expenses

Coca-Cola: Powering a digital transformation in marketing

EnerNOC: Gaining visibility into its AWS environment and turning data into real-time security insights

FamilySearch: Gaining critical visibility to move to continuous delivery with 900 deploys per day

FINRA: Ingesting data from 170 different applications, enabling advanced analytics, powerful visualizations and meaningful alerts

REI: Gaining Edge Protection with Splunk Cloud and AWS

About AWS: For over 12 years, Amazon Web Services has been the world’s most comprehensive and broadly adopted cloud platform. AWS offers over 125 fully featured services for compute, storage, databases, networking, analytics, machine learning and artificial intelligence (AI), Internet of Things (IoT), mobile, security, hybrid, virtual and augmented reality (VR and AR), media, and application development, deployment, and management from 55 Availability Zones (AZs) within 18 geographic regions and one Local Region around the world, spanning the U.S., Australia, Brazil, Canada, China, France, Germany, India, Ireland, Japan, Korea, Singapore, and the UK. AWS services are trusted by millions of active customers around the world—including the fastest-growing startups, largest enterprises, and leading government agencies—to power their infrastructure, make them more agile, and lower costs. To learn more about AWS, visit https://aws.amazon.com.

About Splunk: Splunk Inc. (NASDAQ: SPLK) turns machine data into answers. Organizations use market-leading Splunk solutions with machine learning to solve their toughest IT, Internet of Things and security challenges. Join millions of passionate users and discover your “aha” moment with Splunk today: www.splunk.com.

 

Splunk App for AWS 

Get started with the Splunk App for AWS to gain operational visibility and security into your AWS environment. 

Splunk Cloud 

Get started now with Splunk Cloud through the free Splunk Cloud Trial. Or simplify your procurement process and subscribe to Splunk Cloud via the AWS Marketplace

Splunk Enterprise 

Download Splunk Enterprise for free or find the Splunk Enterprise AMI in AWS Marketplace

Splunk Insights for AWS Cloud Monitoring 

Analytics and visibility for your AWS workloads. Get started today with a Free Trial

Splunk Insights for Infrastructure PAYG 

A seamless monitoring and troubleshooting solution. Get started today with a Free Trial in AWS Marketplace

Splunk Phantom Security Operations Platform 

Integrates your team, processes, and tools together.  Get started today with the Free Splunk Phantom Community Edition AMI in AWS Marketplace

Leverage Splunk Technology Innovations for AWS 

Utilize AWS Lambda, Amazon Kinesis Firehose, AWS IoT, Amazon Elastic Container Service and Amazon EMR integrations.