How to stream AWS CloudWatch Logs to Splunk (Hint: it’s easier than you think)

At AWS re:Invent 2016, Splunk released several AWS Lambda blueprints to help you stream logs, events and alerts from more than 15 AWS services into Splunk to gain enhanced critical security and operational insights into your AWS infrastructure & applications. In this blog post, we’ll walk you step by step through how to use one of these AWS Lambda blueprints, the Lambda blueprint for CloudWatch Logs, to stream AWS CloudWatch Logs via AWS Lambda into Splunk for near real-time analysis and visualization, as depicted in the diagram below. In the following example, we are interested in streaming VPC Flow logs, which are stored in CloudWatch Logs. VPC Flow logs capture information about all the IP traffic going to and from …


Announcing new AWS Lambda Blueprints for Splunk

Splunk and Amazon Web Services (AWS) are continuously collaborating to drive customer success by leveraging both the agility of AWS, and the visibility provided by Splunk. To support that goal, we’re happy to announce new AWS Lambda blueprints to easily stream valuable logs, events and alerts from over 15 AWS services into Splunk to help customers gain critical security and operational insights.
With a point-and-click setup, you can use these blueprints to have Splunk ingest data from AWS services such as Kinesis Stream, CloudWatch Logs, DynamoDB Stream and IoT for further data processing & analytics in addition to logging AWS Lambda itself for instrumentation & troubleshooting.

Once the Lambda blueprint is configured, events are automatically forwarded in near real-time by Lambda onto Splunk


Announcing Splunk Enterprise in Microsoft Azure Marketplace

We are pleased to announce the release of Splunk Enterprise in Microsoft Azure Marketplace!

Now Azure customers can deploy and purchase Azure-certified Splunk Enterprise clusters in minutes, with the entire point-and-click workflow contained within their Azure portal.

This Bring-Your-Own-License offering on Azure IaaS provides Splunk customers another platform for self-managed Splunk deployments in addition to on-premise and other public cloud deployment options.


What can Splunk Enterprise in Azure Marketplace do for you?

Our mission at Splunk is to make machine data accessible, usable and valuable to everyone. We strive to turn machine data into valuable insights in as little time as possible to help businesses in their journey towards operational intelligence:

Time to value flowchart

Splunk Enterprise in Azure Marketplace enables and


Deploy your own Splunk cluster on AWS in minutes!

Given Splunk Enterprise is a flexible operational intelligence platform, our users adopt it in various forms: from using it as a cloud service with Splunk Cloud, to deploying it on-premise in their own datacenter, or in their own cloud environment such as AWS.

Since Splunk is about turning machine data into valuable insights in as little time as possible, we always strive for that speed element in all aspects of our product usage:


“80% of my time used to be spent on setting up Splunk, now I spend 80% of my time getting value out of Splunk”

Abdallah Mohammed,
Data Architect, Intuit CTO Dev

In that same spirit, we’re delighted to announce the release of Splunk AWS CloudFormation templates as …


Still using 3rd party web analytics providers? Build your own using Splunk!

Why Build Your Own (BYO) Client-Side Analytics?

There are many 3rd party web analytics providers such as Google Analytics and Omniture SiteCatalyst. However, with the flexibility of Splunk as a general-purpose analytics tool, many site owners opt to build their own client-side analytics powered by Splunk. Last month we talked about how the jQuery Foundation had their conference website leverage Splunk to collect & analyze all client-side events.

Compared to off-the-shelf web analytics tools, building your own client-side analytics gives you significant advantages:

  • Avoid giving away your users’ data to 3rd party providers
  • Own the complete raw client-side data (as opposed to an aggregation or a sampling), and access it securely – and for free
  • Unlimited tracking and customization: no collection

Splunking jQuery Conference: drive user experience online and on site!

jQuery Portland 2013 Conference

Last June, the jQuery Foundation held their conference in beautiful Portland, Oregon. As a Diamond Sponsor, we wanted to build something that would be beneficial to the jQuery community as part of our Splunk4Good initiatives. What’s better than Splunking the entire conference?

To see the end result, check out this interactive infographic showcasing Splunk-powered web analytics applied to the conference website. The complete Splunk dashboard can be found here.

The goal is to capture client-side data (e.g. pageviews, link/button clicks, hovers), and build powerful analytics & visualizations in order to tackle the following business questions:

  1. Which topics are visitors most interested in?
  2. What are the top traffic sources for visitors who purchase tickets?
  3. How are visitors interacting with the site, including