Skip to main content
Splunk Lantern

Managing an Amazon Web Services environment

Scenario: To reduce the expenses of buying, owning, and maintaining physical data centers and servers, your organization has converted most of its infrastructure to cloud infrastructure on Amazon Web Services. This means you have whole new data types to secure and monitor. You need to learn the new services and the metrics that help you run your applications in the AWS cloud efficiently. You want to use Splunk software to manage all the different components of Amazon Web Services, including elastic cloud compute instances, elastic load balancer instances, virtual private clouds, and elastic block store volumes. You also plan to monitor user behavior on these systems.


To succeed in implementing this use case, you need the following dependencies, resources, and information.

How to use Splunk software for this use case

You can run many searches with Splunk software to maintain your AWS environment. Depending on what information you have available, you might find it useful to identify some or all of the following: 


Measuring impact and benefit is critical to assessing the value of IT operations. The following are example metrics that can be useful to monitor when implementing this use case:

  • Number of deprovisioned resources that are found to be idle 
  • Cost savings from deprovisioning and optimization 
  • Mean time to problem resolution

You may also want to look at the following processes in your organization that commonly impact success with this use case:

  • Capacity planning and resource optimization to keep operating expenses as low as possible
  • Provisioning and automation groups using orchestrators such as Kubernetes, Ansible, Puppet, and AWS CloudFormation 
  • Security and compliance will consume and compliment data within this use case. 

Additional resources 

This use case is also included in the IT Essentials Learn app, which provides more information about how to implement the use case successfully in your IT maturity journey. In addition, these Splunk resources might help you understand and implement this use case: