Splunk Lantern

Expanding AWS log ingestion capabilities with custom logs in Splunk Data Manager

 

Amazon CloudWatch Logs (CWL) is an AWS service that enables you to centralize the logs from all of your systems, applications, and AWS services.

Splunk Data Manager already simplifies CWL data onboarding from a wide variety of defined AWS data sources (see current documentation for full list), including:

  • Amazon API Gateway
  • AWS CloudHSM
  • AWS CloudTrail
  • Amazon DocumentDB
  • Amazon Elastic Kubernetes Service (Amazon EKS)
  • Amazon GuardDuty
  • AWS IAM
  • AWS Lambda
  • AWS Metadata
  • Amazon Relational Database Service (Amazon RDS)
  • AWS Security Hub
  • AWS S3
  • AWS Load Balancer (ELB)
  • Amazon VPC Flow Logs

With Splunk Data Manager 1.9.0+, the same simplified CloudWatch ingest experience is available for an even broader array of custom AWS service and application logs. This ensures comprehensive coverage and deeper insights into AWS environments, facilitating efficient and scalable log management.

Check out this video walkthrough on how to implement this feature:

Next steps

These additional Splunk resources might help you understand and implement these recommendations: