Splunk AWS Quick Start: Deploy Your AWS Splunk Environment In Minutes

If I told you that a fully operational Splunk Enterprise deployment in AWS could be yours in a matter of minutes, would you be interested? Sit down, relax, and I’ll tell you all you need to know to have a Splunk Enterprise deployment ready to index; fully configured with indexer replication and search head clustering in less than an hour.

Late last year, I wrote a deployment guide for Splunk Enterprise on AWS that explains your options when deploying Splunk Enterprise in AWS. Today, it gets better: I’m happy to report that document has been expanded upon, and Splunk has released an official Splunk Enterprise AWS Quick Start.

If you’re not familiar with AWS Quick Start, the underlying …


How to stream AWS CloudWatch Logs to Splunk (Hint: it’s easier than you think)

At AWS re:Invent 2016, Splunk released several AWS Lambda blueprints to help you stream logs, events and alerts from more than 15 AWS services into Splunk to gain enhanced critical security and operational insights into your AWS infrastructure & applications. In this blog post, we’ll walk you through step-by-step how to use one of these AWS Lambda blueprints, the Lambda blueprint for CloudWatch Logs, to stream AWS CloudWatch Logs via AWS Lambda and into Splunk for near real-time analysis and visualization as depicted in the diagram below. In the following example, we are interested in streaming VPC Flow logs which are stored in CloudWatch Logs. VPC Flow logs capture information about all the IP traffic going to and from …


It’s cloudy in London. Monitoring workloads in the AWS London Region with Splunk.


Hi everyone, Happy New Year (is it too late to be still saying that?). I’m currently sat in Splunk’s London office just behind Paddington train station and to no one’s surprise it’s cloudy. Clouds aren’t anything new to London, but just before Christmas, AWS launched its new Europe (London) Region.

Following on from the new region launch, I’m happy to announce the latest update to the Splunk App for AWS. This update (5.0.1) now gives support for the AWS London Region. This means that if you’re monitoring your AWS workloads (be that globally, EMEA-wide or just in the UK) you can now use machine data from the UK region to get Operational Intelligence and real-time visibility. The app is …


Getting Cloud Native with Splunk and Cloud Foundry

The following is a guest blog post by Matt Cholick, software engineer, Pivotal.

Enterprises are moving to microservices architectures, continuous delivery practices, and embracing DevOps culture. This is the foundation of a modern, “cloud-native” business. At Pivotal, we help companies make this transformation with our Pivotal Cloud Foundry product.

Our customers want to extend the utility of Splunk to include their new cloud-native apps running on Cloud Foundry. To this end, we’ve been working up an integration between these two products. This post reviews our progress so far, and concludes with an invite to our private beta program.


What is Pivotal Cloud Foundry?

Pivotal Cloud Foundry is a platform, based on open source software, for deploying and operating applications. …


Head in the Cloud? Maximize your Operational Intelligence with Even Deeper Integration Between Splunk and AWS

Even more exciting news from re:Invent!

In case you weren’t watching the live-stream of the event, you may have missed the keynote announcement this morning about the new service called AWS Personal Health.

Splunk’s integration with AWS Personal Health allows AWS customers to proactively monitor over 70 services and quickly act on personal service interruptions informing their users of things like reserved instance retirement, network issues, even instance failures. Before, if there was a network issue, your only way of knowing was based on regional or availability zone messaging. This integration brings an even more personalized experience to using Splunk for monitoring and managing your mission critical workloads in AWS.

The AWS Health API delivers critical data on AWS service quality and …


AWS Operational, Security and Cost Management Insights Starting at $3/day

Thanksgiving is over and we now enter the gift-giving season and Splunk has something that you can both be thankful for as well as a little gift for you (just make sure you read to the end). First, what you can be thankful for – you can now get full visibility into your AWS environments starting at just $3/day with the new combination of Splunk Light and the Splunk App for AWS 5.0.

Let’s face it, if you use Amazon Web Services (AWS) you use it for a few key reasons:

  • Ease of deployment and ongoing maintenance
  • On-demand flexibility
  • Lower total cost of ownership than an on-premise environment

With all of that you also get a ton of information …


Announcing new AWS Lambda Blueprints for Splunk

Splunk and Amazon Web Services (AWS) are continuously collaborating to drive customer success by leveraging both the agility of AWS, and the visibility provided by Splunk. To support that goal, we’re happy to announce new AWS Lambda blueprints to easily stream valuable logs, events and alerts from over 15 AWS services into Splunk to help customers gain critical security and operational insights.

With a point-and-click setup, you can use these blueprints to have Splunk ingest data from AWS services such as Kinesis Stream, CloudWatch Logs, DynamoDB Stream and IoT for further data processing & analytics in addition to logging AWS Lambda itself for instrumentation & troubleshooting.

Once the Lambda blueprint is configured, events are automatically forwarded in near real-time by Lambda onto Splunk


The New and Improved Splunk App for AWS 5.0

Over the past few years, I have had the opportunity to talk to so many customers using Splunk to manage their AWS environment. I have always heard the same thing: give us more! I was at AWS re:Invent 2013, when we launched the first version of the Splunk app for AWS, and I was impressed with the excitement around the dashboards and insights we offered for AWS CloudTrail. Since then we have expanded to fourteen source types (AWS CloudTrail, ELB Accesslogs, S3 Accesslogs, Cloudfront, Billing, Cloudwatch, Cloudwatch logs, VPC Flowlogs, Inspector, Config, Config Rules, Description & Config Notifications) and three inputs to collect data (S3, SQS & Kinesis). In that same time, we have also grown from a few …


Gatwick Airport lands passenger experience & operational efficiency with IoT, analytics and Splunk Cloud.


95% of passengers through security in 5 mins or less.

We’ve all been there, stuck at an airport, flight delayed, watching the departures board, trying to find somewhere to sit down and wanting to set off to where you’re going or just get home. Gatwick Airport, the busiest single runway airport in the world, processing up to 945 flights per day is striving to make this situation a thing of the past. I’m delighted to announce that they are using data from the Internet of Things and Splunk Cloud to improve the passenger experience and enhance operational efficiencies across the airport. Gatwick are using their machine data to deliver historic, real-time and predictive analytics to ensure a faster journey through the …


Analytics, SIEM, Nerve Center, Lean SOC to Headline Security Day at AWS re:Invent 2016

Learn all about Splunk at AWS re:Invent 2016.

It is a special time of the year for the Splunk Security Team as we are a few weeks away from AWS re:Invent 2016. It will be an electrifying few days and we look forward to interacting with the AWS community, Splunk customers, security practitioners, and partners. Furthermore, we are excited to learn about their use cases, workloads and innovative ways in which they use Cloud, Splunk Cloud and Splunk security solutions.

Security Day
Join us on December 1st in the Splunk booth #206 to learn about key security themes and solutions that will help accelerate your journey to the Cloud.

The Splunk theater session will have presentations throughout the day …
