CINXE.COM

Amazon - Splunk Lantern

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Amazon - Splunk Lantern</title> <link media="screen" type="text/css" rel="stylesheet" href="https://a.mtstatic.com/@cache/layout/legacy.css?_=814adc7572602bc7c2a39e3e9899638a_bGFudGVybi5zcGx1bmsuY29t:site_13743" id="mt-screen-css" /> <link media="print" type="text/css" rel="stylesheet" href="https://a.mtstatic.com/@cache/layout/print.css?_=a87985e947b3b92ebec6cfe4689bceb3:site_13743" id="mt-print-css" /> <script type="text/javascript" nonce="0add1c7aa74a588b702075e40de52f9dfa46c1f095f95bf58764b245de07cbbf" src="https://a.mtstatic.com/deki/javascript/out/grape.min.js?_=76f77a33377b2f0da26a22ff3a2c3345f92f980b:site_13743"></script><script type="application/json" id="mt-global-settings" nonce="0add1c7aa74a588b702075e40de52f9dfa46c1f095f95bf58764b245de07cbbf">{"apiToken":"xhr_2_1732693599_483189e96a1a1b28a1e6d06b75c37b0a4b68d0e5a7604b0bc9ae080ab3c1e1d2","pageId":5735,"pageViewId":"8098432b-35b3-427a-9a3d-dae5bf46a33b"}</script> <!-- OneTrust Cookies Consent Notice start for lantern.splunk.com --> <script src="https://cdn.cookielaw.org/scripttemplates/otSDKStub.js" type="text/javascript" charset="UTF-8" data-domain-script="a033fe7d-80cf-4e46-8cc6-1a0d7f0cf92c"></script> <script type="text/javascript">/*<![CDATA[*/ function OptanonWrapper() { } /*]]>*/</script> <!-- OneTrust Cookies Consent Notice end for lantern.splunk.com --> <!-- Google Tag Manager --> <script>/*<![CDATA[*/(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start': new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0], j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src= 'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f); })(window,document,'script','dataLayer','GTM-TPV7TP');/*]]>*/</script> <!-- End Google Tag Manager &acirc;&#134;&#146; <- Google Tag Manager (noscript) &acirc;&#134;&#146; <noscript> <iframe src="https://www.googletagmanager.com/ns.html?id=GTM-TPV7TP" height="0" width="0" style="display:none;visibility:hidden"></iframe></noscript> <- End Google Tag Manager (noscript) &acirc;&#134;&#146;</html>--> <script type="text/javascript" nonce="0add1c7aa74a588b702075e40de52f9dfa46c1f095f95bf58764b245de07cbbf">(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)})(window,document,'script','//www.google-analytics.com/analytics.js','ga');ga('create','UA-65721316-34','lantern.splunk.com',{name:'mtTracker',allowLinker:true});ga('mtTracker.require','linker');ga('mtTracker.set', 'anonymizeIp', true);ga('mtTracker.send','pageview');document.addEventListener('mindtouch-web-widget:f1:loaded',function(e){var t=e.data||{},d=t.widget;d&&''!==t.embedId&&document.addEventListener('mindtouch-web-widget:f1:clicked',function(e){var t=(e.data||{}).href;if(t){var n=document.createElement('a');n.setAttribute('href',t),'expert-help.nice.com'===n.hostname&&(e.preventDefault(),ga('linker:decorate',n),d.open(n.href))}})});</script> </head> <body class="columbia-page-main columbia-article-topic columbia-breadcrumb-home-datadescriptors-amazon columbia-live no-touch columbia-lang-en-us columbia-skin-grape"> <div class="grape-messaging"> </div> <div class="grape-header-custom"> <div class="custom-nav-wrapper"><div class="navbar"><div class="logo-container"><div class="navbar-link navbar-logo"><div translate="no"><a href="https://splunk.com" target="_blank" rel="external noopener nofollow" class="link-https"><img src="https://lantern.splunk.com/@api/deki/site/logo.png?default=https://a.mtstatic.com/skins/styles/elm/logo.svg%3F_%3D76f77a33377b2f0da26a22ff3a2c3345f92f980b:site_13743" /></a></div></div><div class="navbar-link lantern-home"><a class="internal" href="https://lantern.splunk.com/" rel="internal">Lantern Home</a></div><div class="navbar-link navbar-link-toggle"><span class="hamburger"></span><span class="hamburger"></span><span class="hamburger"></span></div></div><nav class="navbar-items navbar-items-right"><div class="navbar-link mobile-user-wrapper"><img id="splunk-login-icon" class="internal" alt="splunk-login-icon.png" loading="lazy" src="https://lantern.splunk.com/@api/deki/files/4151/splunk-login-icon.png?revision=1" /><a href="https://lantern.splunk.com/@app/auth/2/login?returnto=Data_Descriptors/Amazon" rel="nofollow">Login</a></div><div class="navbar-link"><a target="_blank" href="https://docs.splunk.com/" rel="external noopener nofollow" class="link-https">Documentation</a></div><div class="navbar-link"><a target="_blank" href="https://www.splunk.com/en_us/community.html" rel="external noopener nofollow" class="link-https">Community</a></div><div class="navbar-link"><a target="_blank" href="https://www.splunk.com/en_us/training.html" rel="external noopener nofollow" class="link-https">Training &amp; Certification</a></div><div class="navbar-link"><a target="_blank" href="http://login.splunk.com/page/sso_redirect?type=portal" rel="external noopener nofollow" class="external">Support Portal</a></div><div class="navbar-link"><a target="_blank" href="https://usergroups.splunk.com/" rel="external noopener nofollow" class="link-https">User Groups</a></div><div class="navbar-link user-dropdown"><img id="login-icon" class="internal" alt="splunk-login-icon.png" loading="lazy" src="https://lantern.splunk.com/@api/deki/files/4151/splunk-login-icon.png?revision=1" /><div id="dropdown-wrapper"><div class="triangle"></div><ul><a href="https://lantern.splunk.com/@app/auth/2/login?returnto=Data_Descriptors/Amazon" rel="nofollow">Login</a></ul></div></div><div class="navbar-link"><a target="_blank" href="https://www.splunk.com/en_us/download/splunk-cloud/cloud-trial.html" rel="external noopener nofollow" class="link-https">Free Splunk</a></div></nav></div></div> <script type="text/javascript">/*<![CDATA[*/ function classToggle() { const navs = document.querySelectorAll('.navbar-items') navs.forEach(function(nav) { nav.classList.toggle('navbar-toggle-show') }) } document.querySelector('.navbar-link-toggle') .addEventListener('click', classToggle);/*]]>*/</script> <script type="text/javascript">/*<![CDATA[*/ var userDropLink = document.querySelector(".navbar-link.user-dropdown"); var userDropName = document.getElementById("user-dropdown-name"); var userDropMenu = document.getElementById("dropdown-wrapper"); var userDropArrow = document.querySelector(".dropdown-arrow"); var userIcon = document.getElementById("login-icon-desk-anon"); console.log(userIcon); function showDropdown() { if(userDropName && userDropArrow) { userDropArrow.style.transform = "rotate(180deg)"; userDropArrow.style.color = "#ed0080"; userDropMenu.style.display = "block"; userDropName.style.background = "#ed0080"; } else { console.log("anon"); userDropMenu.style.display = "block"; userIcon.style.fill = "#ed0080"; } } function hideDropdown() { if(userDropName && userDropArrow) { userDropMenu.style.display = "none"; userDropName.style.background = "#656c76"; userDropArrow.style.transform = "rotate(0deg)"; userDropArrow.style.color = "#656c76"; } else { userDropMenu.style.display = "none"; userIcon.style.fill = "#656c76"; } } userDropLink.addEventListener("mouseenter", showDropdown); userDropLink.addEventListener("mouseleave", hideDropdown);/*]]>*/</script> <script type="text/javascript">/*<![CDATA[*/ (function(){var g=function(e,h,f,g){ this.get=function(a){for(var a=a+"=",c=document.cookie.split(";"),b=0,e=c.length;b<e;b++){for(var d=c[b];" "==d.charAt(0);)d=d.substring(1,d.length);if(0==d.indexOf(a))return d.substring(a.length,d.length)}return null}; this.set=function(a,c){var b="",b=new Date;b.setTime(b.getTime()+6048E5);b="; expires="+b.toGMTString();document.cookie=a+"="+c+b+"; path=/; "}; this.check=function(){var a=this.get(f);if(a)a=a.split(":");else if(100!=e)"v"==h&&(e=Math.random()>=e/100?0:100),a=[h,e,0],this.set(f,a.join(":"));else return!0;var c=a[1];if(100==c)return!0;switch(a[0]){case "v":return!1;case "r":return c=a[2]%Math.floor(100/c),a[2]++,this.set(f,a.join(":")),!c}return!0}; this.go=function(){if(this.check()){var a=document.createElement("script");a.type="text/javascript";a.src=g;document.body&&document.body.appendChild(a)}}; this.start=function(){var t=this;"complete"!==document.readyState?window.addEventListener?window.addEventListener("load",function(){t.go()},!1):window.attachEvent&&window.attachEvent("onload",function(){t.go()}):t.go()};}; try{(new g(100,"r","QSI_S_ZN_1EUShoUYECtmqnc","https://zn1eushouyectmqnc-splunk.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_1EUShoUYECtmqnc")).start()}catch(i){}})(); /*]]>*/</script> <script type="text/javascript">/*<![CDATA[*/ var seated = user.seated;/*]]>*/</script> <script type="text/javascript">/*<![CDATA[*/ (function(){var g=function(e,h,f,g){ this.get=function(a){for(var a=a+"=",c=document.cookie.split(";"),b=0,e=c.length;b<e;b++){for(var d=c[b];" "==d.charAt(0);)d=d.substring(1,d.length);if(0==d.indexOf(a))return d.substring(a.length,d.length)}return null}; this.set=function(a,c){var b="",b=new Date;b.setTime(b.getTime()+6048E5);b="; expires="+b.toGMTString();document.cookie=a+"="+c+b+"; path=/; "}; this.check=function(){var a=this.get(f);if(a)a=a.split(":");else if(100!=e)"v"==h&&(e=Math.random()>=e/100?0:100),a=[h,e,0],this.set(f,a.join(":"));else return!0;var c=a[1];if(100==c)return!0;switch(a[0]){case "v":return!1;case "r":return c=a[2]%Math.floor(100/c),a[2]++,this.set(f,a.join(":")),!c}return!0}; this.go=function(){if(this.check()){var a=document.createElement("script");a.type="text/javascript";a.src=g;document.body&&document.body.appendChild(a)}}; this.start=function(){var t=this;"complete"!==document.readyState?window.addEventListener?window.addEventListener("load",function(){t.go()},!1):window.attachEvent&&window.attachEvent("onload",function(){t.go()}):t.go()};}; try{(new g(100,"r","QSI_S_ZN_6YEBaVzF9jwyuj4","https://zn6yebavzf9jwyuj4-splunk.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_6YEBaVzF9jwyuj4")).start()}catch(i){}})(); /*]]>*/</script> <div id="ZN_6YEBaVzF9jwyuj4">&nbsp;</div> <script type="text/javascript">/*<![CDATA[*/ (function(){var g=function(e,h,f,g){ this.get=function(a){for(var a=a+"=",c=document.cookie.split(";"),b=0,e=c.length;b<e;b++){for(var d=c[b];" "==d.charAt(0);)d=d.substring(1,d.length);if(0==d.indexOf(a))return d.substring(a.length,d.length)}return null}; this.set=function(a,c){var b="",b=new Date;b.setTime(b.getTime()+6048E5);b="; expires="+b.toGMTString();document.cookie=a+"="+c+b+"; path=/; "}; this.check=function(){var a=this.get(f);if(a)a=a.split(":");else if(100!=e)"v"==h&&(e=Math.random()>=e/100?0:100),a=[h,e,0],this.set(f,a.join(":"));else return!0;var c=a[1];if(100==c)return!0;switch(a[0]){case "v":return!1;case "r":return c=a[2]%Math.floor(100/c),a[2]++,this.set(f,a.join(":")),!c}return!0}; this.go=function(){if(this.check()){var a=document.createElement("script");a.type="text/javascript";a.src=g;document.body&&document.body.appendChild(a)}}; this.start=function(){var t=this;"complete"!==document.readyState?window.addEventListener?window.addEventListener("load",function(){t.go()},!1):window.attachEvent&&window.attachEvent("onload",function(){t.go()}):t.go()};}; try{(new g(100,"r","QSI_S_ZN_aaOQXgG6XwUToDc","https://znaaoqxgg6xwutodc-splunk.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_aaOQXgG6XwUToDc")).start()}catch(i){}})(); /*]]>*/</script> <div id="ZN_aaOQXgG6XwUToDc">&nbsp;</div> </div> <div class="grape-header grape-wrapper"> <div class="grape-header-container grape-wrapper-container"> <div class="grape-site-logo"> <a class="logo-anonymous" href="/" title="Splunk Lantern"> <img class="mt-cdn" src="https://a.mtstatic.com/@public/production/site_13743/1710778214-logo.png" alt="Splunk Lantern" title="Splunk Lantern"> </a> </div> <div class="grape-site-navigation"> <ul class="mt-site-nav"> <li class="mt-login-sign-in"> <a class="mt-icon-quick-sign-in" href="https://lantern.splunk.com/@app/auth/2/login?returnto=https%3A%2F%2Flantern.splunk.com%2FData_Descriptors%2FAmazon" title="Sign in"> Sign in </a> </li> <li class="mt-login-forgot-password"> <a class="mt-icon-login-forgot-password" href="https://lantern.splunk.com/Special:UserPassword" title="Retrieve lost password"> Forgot password </a> </li> </ul> </div> <div class="grape-site-search"> <div class="mt-quick-search-container"> <form action="/Special:Search"> <input name="path" id="mt-search-path" type="hidden" value="" /> <label class="mt-label" for="mt-site-search-input"> Search </label> <input class="mt-text mt-search search-field" name="q" id="mt-site-search-input" placeholder="How can we help you?" type="search" /> <button class="mt-button ui-button-icon mt-icon-site-search-button search-button" type="submit"> Search </button> </form> </div> </div> </div> <div class="grape-site-nav grape-wrapper-container"> <ul class="mt-breadcrumbs"> <li> <a href="https://lantern.splunk.com/"> <span class="mt-icon-article-category mt-icon-article-home"></span> Home </a> </li> <li> <a href="https://lantern.splunk.com/Data_Descriptors"> <span class="mt-icon-article-guide"></span> Data Descriptors </a> </li> </ul> </div> </div> <div class="grape-content grape-wrapper"> <div class="grape-content-container grape-wrapper-container"> <div id="flash-messages"><div class="dekiFlash"></div></div> <h1 id="title" class="no-edit" style="visibility: visible;"> Amazon </h1> <div class="mt-last-updated"> <strong>Last updated:</strong> <span class="modified mt-last-updated-timestamp" data-timestamp="2024-11-08T17:05:56Z"></span> </div> <div class="mt-content-header"> <p>&nbsp;</p> </div> <div class="mt-content-side"> <div class="custom-tree"><div id="side-nav-toggle-container"><span class="side-nav-hamburger"></span><span class="side-nav-hamburger"></span><span class="side-nav-hamburger"></span></div><div class="wiki-tree"><ul><li class="first"><a title="Data_Descriptors/Antivirus_and_antimalware_data" pageid="384" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Antivirus_and_antimalware_data" rel="internal">Antivirus and antimalware data</a></li><li><a title="Data_Descriptors/Application_data" pageid="385" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Application_data" rel="internal">Application data</a></li><li><a title="Data_Descriptors/Application_server_data" pageid="435" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Application_server_data" rel="internal">Application server data</a></li><li><a title="Data_Descriptors/Authentication_data" pageid="383" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Authentication_data" rel="internal">Authentication data</a></li><li><a title="Data_Descriptors/Backup_data" pageid="950" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Backup_data" rel="internal">Backup data</a></li><li><a title="Data_Descriptors/Vendor-specific_data" pageid="387" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Vendor-specific_data" rel="internal">Vendor-specific data</a></li><li><a title="Data_Descriptors/Endpoint_detection_and_response_(EDR)_data" pageid="469" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Endpoint_detection_and_response_(EDR)_data" rel="internal">Endpoint detection and response (EDR) data</a></li><li><a title="Data_Descriptors/Intrusion_detection_and_prevention_data_(IDS_and_IPS)" pageid="472" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Intrusion_detection_and_prevention_data_(IDS_and_IPS)" rel="internal">Intrusion detection and prevention data (IDS and IPS)</a></li><li><a title="Data_Descriptors/Load_balancer_data" pageid="473" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Load_balancer_data" rel="internal">Load balancer data</a></li><li><a title="Data_Descriptors/Email_data" pageid="426" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Email_data" rel="internal">Email data</a></li><li><a title="Data_Descriptors/Network_communication_data" pageid="894" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Network_communication_data" rel="internal">Network communication data</a></li><li><a title="Data_Descriptors/Patch_management_data" pageid="953" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Patch_management_data" rel="internal">Patch management data</a></li><li><a title="Data_Descriptors/Physical_security_data" pageid="947" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Physical_security_data" rel="internal">Physical security data</a></li><li><a title="Data_Descriptors/Web_proxy_data" pageid="895" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Web_proxy_data" rel="internal">Web proxy data</a></li><li><a title="Data_Descriptors/Change_events_data" pageid="897" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Change_events_data" rel="internal">Change events data</a></li><li><a title="Data_Descriptors/Configuration_management_data" pageid="898" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Configuration_management_data" rel="internal">Configuration management data</a></li><li><a title="Data_Descriptors/IP_address_assignment_data" pageid="381" class="internal" href="https://lantern.splunk.com/Data_Descriptors/IP_address_assignment_data" rel="internal">IP address assignment data</a></li><li><a title="Data_Descriptors/Vulnerability_detection_data" pageid="424" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Vulnerability_detection_data" rel="internal">Vulnerability detection data</a></li><li><a title="Data_Descriptors/Web_server_data" pageid="434" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Web_server_data" rel="internal">Web server data</a></li><li><a title="Data_Descriptors/DNS_data" pageid="474" class="internal" href="https://lantern.splunk.com/Data_Descriptors/DNS_data" rel="internal">DNS data</a><ul><li class="first last"><a title="Data_Descriptors/DNS_data/Installing_and_configuring_Splunk_Stream" pageid="4623" class="internal" href="https://lantern.splunk.com/Data_Descriptors/DNS_data/Installing_and_configuring_Splunk_Stream" rel="internal">Installing and configuring Splunk Stream</a></li></ul></li><li><a title="Data_Descriptors/Linux_and_Unix" pageid="5621" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Linux_and_Unix" rel="internal">Linux and Unix</a></li><li><a title="Data_Descriptors/Okta" pageid="4822" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Okta" rel="internal">Okta</a><ul><li class="first"><a title="Data_Descriptors/Okta/Enabling_Okta_single_sign-on_in_the_Splunk_platform" pageid="4802" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Okta/Enabling_Okta_single_sign-on_in_the_Splunk_platform" rel="internal">Enabling Okta single sign-on in the Splunk platform</a></li><li class="last"><a title="Data_Descriptors/Okta/Getting_Okta_data_into_the_Splunk_platform" pageid="4803" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Okta/Getting_Okta_data_into_the_Splunk_platform" rel="internal">Getting Okta data into the Splunk platform</a></li></ul></li><li><a title="Data_Descriptors/SAP" pageid="4419" class="internal" href="https://lantern.splunk.com/Data_Descriptors/SAP" rel="internal">SAP</a></li><li><a title="Data_Descriptors/Zscaler" pageid="2127" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Zscaler" rel="internal">Zscaler</a></li><li><a title="Data_Descriptors/Zoom" pageid="3753" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Zoom" rel="internal">Zoom</a></li><li><a title="Data_Descriptors/Zeek" pageid="3495" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Zeek" rel="internal">Zeek</a></li><li><a title="Data_Descriptors/Websense" pageid="3905" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Websense" rel="internal">Websense</a></li><li><a title="Data_Descriptors/VMware" pageid="3906" class="internal" href="https://lantern.splunk.com/Data_Descriptors/VMware" rel="internal">VMware</a></li><li><a title="Data_Descriptors/CrowdStrike" pageid="3526" class="internal" href="https://lantern.splunk.com/Data_Descriptors/CrowdStrike" rel="internal">CrowdStrike</a></li><li><a title="Data_Descriptors/Carbon_Black" pageid="866" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Carbon_Black" rel="internal">Carbon Black</a></li><li><a title="Data_Descriptors/Kubernetes" pageid="2194" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Kubernetes" rel="internal">Kubernetes</a><ul><li class="first"><a title="Data_Descriptors/Kubernetes/Getting_Kubernetes_log_data_Into_Splunk_Cloud_Platform_with_OpenTelemetry" pageid="7077" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Kubernetes/Getting_Kubernetes_log_data_Into_Splunk_Cloud_Platform_with_OpenTelemetry" rel="internal">Getting Kubernetes log data Into Splunk Cloud Platform with OpenTelemetry</a></li><li class="last"><a title="Data_Descriptors/Kubernetes/Setting_up_the_OpenTelemetry_Demo_in_Kubernetes" pageid="7078" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Kubernetes/Setting_up_the_OpenTelemetry_Demo_in_Kubernetes" rel="internal">Setting up the OpenTelemetry Demo in Kubernetes</a></li></ul></li><li><a title="Data_Descriptors/Check_Point" pageid="1784" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Check_Point" rel="internal">Check Point</a></li><li><a title="Data_Descriptors/Fortinet" pageid="3777" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Fortinet" rel="internal">Fortinet</a></li><li><a title="Data_Descriptors/Salesforce" pageid="885" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Salesforce" rel="internal">Salesforce</a></li><li><a title="Data_Descriptors/Symantec" pageid="887" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Symantec" rel="internal">Symantec</a></li><li><a title="Data_Descriptors/Palo_Alto_Networks" pageid="884" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Palo_Alto_Networks" rel="internal">Palo Alto Networks</a><ul><li class="first last"><a title="Data_Descriptors/Palo_Alto_Networks/Using_ingest_actions_to_filter_Palo_Alto_logs" pageid="7989" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Palo_Alto_Networks/Using_ingest_actions_to_filter_Palo_Alto_logs" rel="internal">Using ingest actions to filter Palo Alto logs</a></li></ul></li><li><a title="Data_Descriptors/Trend_Micro" pageid="5708" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Trend_Micro" rel="internal">Trend Micro</a></li><li><a title="Data_Descriptors/Tenable" pageid="1789" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Tenable" rel="internal">Tenable</a><ul><li class="first last"><a title="Data_Descriptors/Tenable/Migrating_from_Tenable_LCE_to_Splunk_Enterprise_Security" pageid="7414" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Tenable/Migrating_from_Tenable_LCE_to_Splunk_Enterprise_Security" rel="internal">Migrating from Tenable LCE to Splunk Enterprise Security</a></li></ul></li><li><a title="Data_Descriptors/GitHub" pageid="3805" class="internal" href="https://lantern.splunk.com/Data_Descriptors/GitHub" rel="internal">GitHub</a></li><li><a title="Data_Descriptors/Atlassian" pageid="2199" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Atlassian" rel="internal">Atlassian</a></li><li><a title="Data_Descriptors/AppDynamics" pageid="2196" class="internal" href="https://lantern.splunk.com/Data_Descriptors/AppDynamics" rel="internal">AppDynamics</a></li><li><a title="Data_Descriptors/Dell" pageid="871" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Dell" rel="internal">Dell</a></li><li><a title="Data_Descriptors/Syslog" pageid="4334" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Syslog" rel="internal">Syslog</a><ul><li class="first"><a title="Data_Descriptors/Syslog/Installing_Splunk_Connect_For_Syslog_(SC4S)_on_a_Windows_network" pageid="4336" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Syslog/Installing_Splunk_Connect_For_Syslog_(SC4S)_on_a_Windows_network" rel="internal">Installing Splunk Connect For Syslog (SC4S) on a Windows network</a></li><li class="last"><a title="Data_Descriptors/Syslog/Understanding_best_practices_for_Splunk_Connect_for_Syslog" pageid="2261" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Syslog/Understanding_best_practices_for_Splunk_Connect_for_Syslog" rel="internal">Understanding best practices for Splunk Connect for Syslog</a><ul><li class="first"><a title="Data_Descriptors/Syslog/Understanding_best_practices_for_Splunk_Connect_for_Syslog/Adding_compliance_data_to_syslog_data_in_stream" pageid="2255" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Syslog/Understanding_best_practices_for_Splunk_Connect_for_Syslog/Adding_compliance_data_to_syslog_data_in_stream" rel="internal">Adding compliance data to syslog data in stream</a></li><li><a title="Data_Descriptors/Syslog/Understanding_best_practices_for_Splunk_Connect_for_Syslog/Filtering_syslog_data_to_dev_null" pageid="2256" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Syslog/Understanding_best_practices_for_Splunk_Connect_for_Syslog/Filtering_syslog_data_to_dev_null" rel="internal">Filtering syslog data to dev null</a></li><li class="last"><a title="Data_Descriptors/Syslog/Understanding_best_practices_for_Splunk_Connect_for_Syslog/Routing_syslog_data_to_custom_indexes" pageid="2141" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Syslog/Understanding_best_practices_for_Splunk_Connect_for_Syslog/Routing_syslog_data_to_custom_indexes" rel="internal">Routing syslog data to custom indexes</a></li></ul></li></ul></li><li><a title="Data_Descriptors/Apache" pageid="1714" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Apache" rel="internal">Apache</a></li><li><a title="Data_Descriptors/Amazon" pageid="5735" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Amazon" rel="internal">Amazon</a><ul><li class="first"><a title="Data_Descriptors/Amazon/Configuring_AWS_CloudTrail_and_CloudWatch_data_collection" pageid="863" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Amazon/Configuring_AWS_CloudTrail_and_CloudWatch_data_collection" rel="internal">Configuring AWS CloudTrail and CloudWatch data collection</a></li><li><a title="Data_Descriptors/Amazon/Expanding_AWS_log_ingestion_capabilities_with_Splunk_Data_Manager_custom_logs" pageid="8100" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Amazon/Expanding_AWS_log_ingestion_capabilities_with_Splunk_Data_Manager_custom_logs" rel="internal">Expanding AWS log ingestion capabilities with custom logs in Splunk Data Manager</a></li><li><a title="Data_Descriptors/Amazon/Implementing_a_reingestion_pipeline_for_AWS_logs_using_Kinesis_Data_Firehose" pageid="7381" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Amazon/Implementing_a_reingestion_pipeline_for_AWS_logs_using_Kinesis_Data_Firehose" rel="internal">Implementing a reingestion pipeline for AWS logs using Kinesis Data Firehose</a></li><li><a title="Data_Descriptors/Amazon/Ingesting_AWS_S3_data_written_by_ingest_actions" pageid="7958" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Amazon/Ingesting_AWS_S3_data_written_by_ingest_actions" rel="internal">Ingesting AWS S3 data written by ingest actions</a></li><li><a title="Data_Descriptors/Amazon/Ingesting_VPC_flow_logs_into_Edge_Processor_via_Firehose_streams" pageid="8108" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Amazon/Ingesting_VPC_flow_logs_into_Edge_Processor_via_Firehose_streams" rel="internal">Ingesting VPC flow logs into Edge Processor via Amazon Data Firehose</a></li><li><a title="Data_Descriptors/Amazon/Migrating_AWS_inputs_to_Data_Manager" pageid="4516" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Amazon/Migrating_AWS_inputs_to_Data_Manager" rel="internal">Migrating AWS inputs to Data Manager</a></li><li><a title="Data_Descriptors/Amazon/Partitioning_data_in_S3_for_the_best_FS-S3_experience" pageid="7825" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Amazon/Partitioning_data_in_S3_for_the_best_FS-S3_experience" rel="internal">Partitioning data in S3 for the best FS-S3 experience</a></li><li><a title="Data_Descriptors/Amazon/Using_federated_search_for_Amazon_S3_(FS-S3)_to_filter,_enrich,_and_retrieve_data_from_Amazon_S3" pageid="8342" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Amazon/Using_federated_search_for_Amazon_S3_(FS-S3)_to_filter%2C_enrich%2C_and_retrieve_data_from_Amazon_S3" rel="internal">Using federated search for Amazon S3 (FS-S3) to filter, enrich, and retrieve data from Amazon S3</a></li><li><a title="Data_Descriptors/Amazon/Using_federated_search_for_Amazon_S3_(FS-S3)_with_Edge_Processor" pageid="8040" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Amazon/Using_federated_search_for_Amazon_S3_(FS-S3)_with_Edge_Processor" rel="internal">Using federated search for Amazon S3 (FS-S3) with Edge Processor</a></li><li class="last"><a title="Data_Descriptors/Amazon/Using_federated_search_for_Amazon_S3_(FS-S3)_with_ingest_actions" pageid="7900" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Amazon/Using_federated_search_for_Amazon_S3_(FS-S3)_with_ingest_actions" rel="internal">Using federated search for Amazon S3 (FS-S3) with ingest actions</a></li></ul></li><li><a title="Data_Descriptors/Cisco" pageid="5742" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Cisco" rel="internal">Cisco</a></li><li><a title="Data_Descriptors/Microsoft" pageid="5743" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Microsoft" rel="internal">Microsoft</a><ul><li class="first"><a title="Data_Descriptors/Microsoft/Getting_started_with_Microsoft_Azure_Event_Hub_data" pageid="2937" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Microsoft/Getting_started_with_Microsoft_Azure_Event_Hub_data" rel="internal">Getting started with Microsoft Azure Event Hub data</a></li><li><a title="Data_Descriptors/Microsoft/Getting_started_with_Microsoft_Teams_call_record_data" pageid="7167" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Microsoft/Getting_started_with_Microsoft_Teams_call_record_data" rel="internal">Getting started with Microsoft Teams call record data</a></li><li><a title="Data_Descriptors/Microsoft/Getting_started_with_Microsoft_Teams_call_record_data_and_Azure_Functions" pageid="7168" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Microsoft/Getting_started_with_Microsoft_Teams_call_record_data_and_Azure_Functions" rel="internal">Getting started with Microsoft Teams call record data and Azure Functions</a></li><li class="last"><a title="Data_Descriptors/Microsoft/Getting_started_with_the_Microsoft_Teams_Add-on_for_Splunk" pageid="7166" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Microsoft/Getting_started_with_the_Microsoft_Teams_Add-on_for_Splunk" rel="internal">Getting started with the Microsoft Teams Add-on for Splunk</a></li></ul></li><li><a title="Data_Descriptors/Google" pageid="5744" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Google" rel="internal">Google</a><ul><li class="first"><a title="Data_Descriptors/Google/Configuring_Alert_Actions_with_the_Google_Chrome_Add_On_for_Splunk" pageid="6562" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Google/Configuring_Alert_Actions_with_the_Google_Chrome_Add_On_for_Splunk" rel="internal">Configuring Alert Actions with the Google Chrome Add On for Splunk</a></li><li><a title="Data_Descriptors/Google/Configuring_Google_Workspace_as_a_SAML_IdP_with_Splunk_Cloud_Platform" pageid="3317" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Google/Configuring_Google_Workspace_as_a_SAML_IdP_with_Splunk_Cloud_Platform" rel="internal">Configuring Google Workspace as a SAML IdP with Splunk Cloud Platform</a></li><li><a title="Data_Descriptors/Google/Deploying_Workload_Identity_Federation_between_AWS_and_GCP" pageid="7961" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Google/Deploying_Workload_Identity_Federation_between_AWS_and_GCP" rel="internal">Deploying Workload Identity Federation between AWS and GCP</a></li><li><a title="Data_Descriptors/Google/Getting_started_with_the_Google_ChromeOS_App_for_Splunk" pageid="7202" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Google/Getting_started_with_the_Google_ChromeOS_App_for_Splunk" rel="internal">Getting started with the Google ChromeOS App for Splunk</a></li><li><a title="Data_Descriptors/Google/Getting_started_with_the_Google_Chrome_App_for_Splunk" pageid="6447" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Google/Getting_started_with_the_Google_Chrome_App_for_Splunk" rel="internal">Getting started with the Google Chrome App for Splunk</a></li><li><a title="Data_Descriptors/Google/Ingesting_Google_Cloud_asset_inventory_data" pageid="1875" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Google/Ingesting_Google_Cloud_asset_inventory_data" rel="internal">Ingesting Google Cloud asset inventory data</a></li><li class="last"><a title="Data_Descriptors/Google/Ingesting_Google_Cloud_data_into_Splunk_using_command_line_programs" pageid="5897" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Google/Ingesting_Google_Cloud_data_into_Splunk_using_command_line_programs" rel="internal">Ingesting Google Cloud data into Splunk using command line programs</a></li></ul></li><li><a title="Data_Descriptors/JupiterOne" pageid="5913" class="internal" href="https://lantern.splunk.com/Data_Descriptors/JupiterOne" rel="internal">JupiterOne</a><ul><li class="first last"><a title="Data_Descriptors/JupiterOne/Optimizing_and_automating_SecOps_with_JupiterOne" pageid="5912" class="internal" href="https://lantern.splunk.com/Data_Descriptors/JupiterOne/Optimizing_and_automating_SecOps_with_JupiterOne" rel="internal">Optimizing and automating SecOps with JupiterOne</a></li></ul></li><li><a title="Data_Descriptors/GitLab" pageid="6414" class="internal" href="https://lantern.splunk.com/Data_Descriptors/GitLab" rel="internal">GitLab</a><ul><li class="first"><a title="Data_Descriptors/GitLab/Getting_Gitlab_CICD_data_out_of_a_Gitlab_Pipeline_into_Splunk" pageid="6415" class="internal" href="https://lantern.splunk.com/Data_Descriptors/GitLab/Getting_Gitlab_CICD_data_out_of_a_Gitlab_Pipeline_into_Splunk" rel="internal">Getting GitLab CI/CD data into the Splunk platform</a></li><li class="last"><a title="Data_Descriptors/GitLab/Sending_GitLab_webhook_data_to_the_Splunk_platform" pageid="6417" class="internal" href="https://lantern.splunk.com/Data_Descriptors/GitLab/Sending_GitLab_webhook_data_to_the_Splunk_platform" rel="internal">Sending GitLab webhook data to the Splunk platform</a></li></ul></li><li><a title="Data_Descriptors/Mac_OS" pageid="6655" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Mac_OS" rel="internal">Mac OS</a><ul><li class="first last"><a title="Data_Descriptors/Mac_OS/Collecting_Mac_OS_log_files" pageid="6648" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Mac_OS/Collecting_Mac_OS_log_files" rel="internal">Collecting Mac OS log files</a></li></ul></li><li><a title="Data_Descriptors/Docker" pageid="7069" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Docker" rel="internal">Docker</a><ul><li class="first"><a title="Data_Descriptors/Docker/Getting_Docker_log_data_into_Splunk_Cloud_Platform_with_OpenTelemetry" pageid="7075" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Docker/Getting_Docker_log_data_into_Splunk_Cloud_Platform_with_OpenTelemetry" rel="internal">Getting Docker log data into Splunk Cloud Platform with OpenTelemetry</a></li><li class="last"><a title="Data_Descriptors/Docker/Setting_up_the_OpenTelemetry_Demo_in_Docker" pageid="7070" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Docker/Setting_up_the_OpenTelemetry_Demo_in_Docker" rel="internal">Setting up the OpenTelemetry Demo in Docker</a></li></ul></li><li><a title="Data_Descriptors/Firewall_data" pageid="470" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Firewall_data" rel="internal">Firewall data</a></li><li><a title="Data_Descriptors/MOVEit" pageid="7904" class="internal" href="https://lantern.splunk.com/Data_Descriptors/MOVEit" rel="internal">MOVEit</a></li><li><a title="Data_Descriptors/Skyhigh_Security" pageid="7909" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Skyhigh_Security" rel="internal">Skyhigh Security</a><ul><li class="first last"><a title="Data_Descriptors/Skyhigh_Security/Configuring_Splunk_add-on_for_McAfee//Skyhigh_Web_Gateway" pageid="7933" class="internal" href="https://lantern.splunk.com/Data_Descriptors/Skyhigh_Security/Configuring_Splunk_add-on_for_McAfee%2F%2FSkyhigh_Web_Gateway" rel="internal">Configuring Splunk add-on for McAfee/Skyhigh Web Gateway</a></li></ul></li><li><a title="Data_Descriptors/CyberArk" pageid="7938" class="internal" href="https://lantern.splunk.com/Data_Descriptors/CyberArk" rel="internal">CyberArk</a></li><li><a title="Data_Descriptors/OpenAI" pageid="7964" class="internal" href="https://lantern.splunk.com/Data_Descriptors/OpenAI" rel="internal">OpenAI</a><ul><li class="first last"><a title="Data_Descriptors/OpenAI/Monitoring_applications_using_OpenAI_API_and_GPT_models_with_OpenTelemetry_and_Splunk_APM" pageid="7965" class="internal" href="https://lantern.splunk.com/Data_Descriptors/OpenAI/Monitoring_applications_using_OpenAI_API_and_GPT_models_with_OpenTelemetry_and_Splunk_APM" rel="internal">Monitoring applications using OpenAI API and GPT models with OpenTelemetry and Splunk APM</a></li></ul></li><li class="last"><a title="Data_Descriptors/NETSCOUT" pageid="8411" class="internal" href="https://lantern.splunk.com/Data_Descriptors/NETSCOUT" rel="internal">NETSCOUT</a><ul><li class="first last"><a title="Data_Descriptors/NETSCOUT/Configuring_and_monitoring_NETSCOUT_Omnis_AI_Streamer_data" pageid="8412" class="internal" href="https://lantern.splunk.com/Data_Descriptors/NETSCOUT/Configuring_and_monitoring_NETSCOUT_Omnis_AI_Streamer_data" rel="internal">Configuring and monitoring NETSCOUT Omnis AI Streamer data</a></li></ul></li></ul></div></div> <script type="text/javascript">/*<![CDATA[*/ const trees = document.querySelectorAll(".wiki-tree > ul"); let currentPage = window.location.href; function listChildren(e) { if (e.children.length === 0) { return; } for (var i = 0; i < e.children.length; i++) { var el = e.children[i]; if (el.children.length > 1 && el.tagName == "LI") { el.className = "mt-icon-arrow-right8 collapsed"; el.addEventListener("click", function (event) { if (this.className == "mt-icon-arrow-right8 collapsed") { this.className = "mt-icon-arrow-down8"; } else { this.className = "mt-icon-arrow-right8 collapsed"; } event.stopPropagation(); }); } else { el.addEventListener("click", function (event) { event.stopPropagation(); }); } if (el.href == currentPage) { el.classList.add("active-page"); //Loop through this page and all parent pages, and remove the collapsed class var pElement = el.parentElement.parentElement; //Skipping direct parent so that currentPage itself remains collapsed for (var j = 0; j < 1000; j++) { pElement.classList.remove("collapsed"); if (pElement.classList.contains("mt-icon-arrow-right8")) { pElement.classList.remove("mt-icon-arrow-right8"); pElement.classList.add("mt-icon-arrow-down8"); } pElement = pElement.parentElement; if (pElement.classList.contains("wiki-tree")) { break; } } } listChildren(e.children[i]); } } for (var i = 0; i < trees.length; i++) { listChildren(trees[i]); }/*]]>*/</script> </div> <div id="mt-toc-container" data-title="Table of contents" data-collapsed="true"> <button class="mt-toggle mt-summary-toggle ui-button-icon mt-toggle-expand">Table of contents</button> <div class="mt-toc-content mt-collapsible-section mt-toc-hide"> <ol><li><a href="#Getting_data_in" rel="internal">Getting data in</a></li></ol> </div> </div> <div id="page-top"> <div id="topic"> <div id="pageText"><p>Amazon Web Services provides on-demand cloud computing platforms and APIs to individuals, companies, and governments, on a metered pay-as-you-go basis. These cloud computing web services provide various services related to networking, compute, storage, middleware, IOT, and other processing capacity, as well as software tools via AWS server farms. This frees clients from managing, scaling, and patching hardware and operating systems, and provides a way of obtaining large-scale computing capacity more quickly and cheaply than building an actual physical server farm.</p> <div class="mt-contentreuse-widget" data-page="hc/Splunk_Help_Content/Getting_data_in_-_All" data-section="" data-show="false"> <div class="mt-include" id="s4817"><div class="mt-notes-container style-wrap" title="Note"> <p>Before looking at documentation for specific data sources, review&nbsp;the Splunk Docs information on general data ingestion:&nbsp;</p> <ul> <li><a data-saferedirecturl="https://www.google.com/url?q=https://docs.splunk.com/Documentation/Splunk/8.2.6/Data/WhatSplunkcanmonitor&amp;source=gmail&amp;ust=1651084776831000&amp;usg=AOvVaw1l1fJTsyDyESITUAfSZzOi" href="https://docs.splunk.com/Documentation/Splunk/latest/Data/Getstartedwithgettingdatain" rel="noopener noreferrer" target="_blank" title="https://docs.splunk.com/Documentation/Splunk/latest/Data/Getstartedwithgettingdatain">Enterprise</a></li> <li><a data-saferedirecturl="https://www.google.com/url?q=https://docs.splunk.com/Documentation/SplunkCloud/8.2.2202/Data/WhatSplunkcanmonitor&amp;source=gmail&amp;ust=1651084776831000&amp;usg=AOvVaw2k0BPzJyynC3ZGIbiPpAel" href="https://docs.splunk.com/Documentation/SplunkCloud/latest/Data/Getstartedwithgettingdatain" rel="noopener noreferrer" target="_blank" title="https://docs.splunk.com/Documentation/SplunkCloud/latest/Data/Getstartedwithgettingdatain">Cloud Platform</a></li> <li><a data-saferedirecturl="https://www.google.com/url?q=https://docs.splunk.com/Observability/gdi/get-data-in/get-data-in.html%23nav-Get-data-into-Splunk-Observability-Cloud&amp;source=gmail&amp;ust=1651084776831000&amp;usg=AOvVaw0L4stwrSzYFe883Jl8acUB" target="_blank" title="https://docs.splunk.com/Observability/gdi/get-data-in/get-data-in.html#nav-Get-data-into-Splunk-Observability-Cloud" href="https://docs.splunk.com/Observability/gdi/get-data-in/get-data-in.html#nav-Get-data-into-Splunk-Observability-Cloud" rel="external noopener nofollow" class="link-https">Observability Cloud</a></li> </ul> </div> </div> </div> <div mt-section-origin="Data_Descriptors/Amazon" class="mt-section" id="section_1"><span id="Getting_data_in"></span><h2 class="editable">Getting data in</h2> <table class="mt-responsive-table"> <thead> <tr> <th>Source</th> <th>Add-ons and Apps</th> <th>Guidance</th> </tr> </thead> <tbody> <tr> <td data-th="Source" style="vertical-align:top;">AWS</td> <td data-th="Add-ons and Apps" style="vertical-align:top;"> <p><strong>Splunk platform</strong></p> <ul> <li><a title="https://splunkbase.splunk.com/app/1876" href="https://splunkbase.splunk.com/app/1876" target="_blank" rel="external noopener nofollow" class="link-https">Splunk Add-on for Amazon Web Services (AWS)</a></li> <li><a title="https://splunkbase.splunk.com/app/6311" href="https://splunkbase.splunk.com/app/6311" target="_blank" rel="external noopener nofollow" class="link-https">Splunk App for AWS Security Dashboards</a></li> </ul> <p><strong>Splunk Enterprise Security</strong></p> <ul> <li><a title="https://splunkbase.splunk.com/app/3586" href="https://splunkbase.splunk.com/app/3586" target="_blank" rel="external noopener nofollow" class="link-https">SecKit AWS&nbsp;Assets Add-on&nbsp;for Splunk Enterprise Security</a></li> </ul> <p><strong>Splunk SOAR</strong></p> <ul> <li><a title="https://splunkbase.splunk.com/app/5762" href="https://splunkbase.splunk.com/app/5762" target="_blank" rel="external noopener nofollow" class="link-https">AWS GuardDuty</a></li> <li><a title="https://splunkbase.splunk.com/app/5759" href="https://splunkbase.splunk.com/app/5759" target="_blank" rel="external noopener nofollow" class="link-https">AWS Athena</a></li> <li><a title="https://splunkbase.splunk.com/app/5769" href="https://splunkbase.splunk.com/app/5769" target="_blank" rel="external noopener nofollow" class="link-https">AWS Systems Manager</a></li> <li><a title="https://splunkbase.splunk.com/app/5764" href="https://splunkbase.splunk.com/app/5764" target="_blank" rel="external noopener nofollow" class="link-https">AWS Inspector</a></li> </ul> </td> <td data-th="Guidance" style="vertical-align:top;"> <p><strong>Configuration</strong></p> <ul> <li><a title="https://docs.splunk.com/Documentation/AddOns/released/AWS/Description" href="https://docs.splunk.com/Documentation/AddOns/released/AWS/Description" target="_blank" rel="external noopener nofollow" class="link-https">Introduction to the Splunk Add-on for Amazon Web Services</a></li> <li><a title="https://docs.splunk.com/Observability/gdi/get-data-in/integrations.html#amazon-web-services" href="https://docs.splunk.com/Observability/gdi/get-data-in/integrations.html#amazon-web-services" target="_blank" rel="external noopener nofollow" class="link-https">Amazon Web Services for Splunk Observability Cloud</a></li> <li><a title="https://github.com/splunk/SA-AwsAssets" href="https://github.com/splunk/SA-AwsAssets" target="_blank" rel="external noopener nofollow" class="link-https">SA-AWS Assets for Splunk Enterprise Security</a></li> <li><a title="Migrating AWS inputs to Data Manager" href="https://lantern.splunk.com/Data_Descriptors/Amazon/Migrating_AWS_inputs_to_Data_Manager" rel="internal">Migrating AWS inputs to Data Manager</a></li> <li><a title="https://docs.splunk.com/observability/en/gdi/monitors-hosts/amazon-ecs-metadata.html" href="https://docs.splunk.com/observability/en/gdi/monitors-hosts/amazon-ecs-metadata.html" target="_blank" rel="external noopener nofollow" class="link-https">Amazon ECS Task Metadata in Splunk Observability Cloud</a></li> </ul> <p><strong>Use Cases</strong></p> <ul> <li><a title="Managing an Amazon Web Services environment" href="https://lantern.splunk.com/Observability/UCE/Foundational_visibility/IT_Ops/Managing_an_Amazon_Web_Services_environment" rel="internal">Managing an Amazon Web Services environment</a></li> <li><a title="Monitoring users in AWS" href="https://lantern.splunk.com/Security/UCE/Guided_Insights/Threat_hunting/Monitoring_user_activity_spikes_in_AWS" rel="internal">Monitoring user activity spikes&nbsp;in AWS</a></li> <li><a title="Detecting AWS suspicious provisioning activities" href="https://lantern.splunk.com/Security/UCE/Guided_Insights/Threat_hunting/Detecting_AWS_suspicious_provisioning_activities" rel="internal">Detecting AWS suspicious provisioning activities</a></li> <li><a title="Detecting privilege escalation in your AWS environment" href="https://lantern.splunk.com/Security/UCE/Guided_Insights/Anomaly_detection/Detecting_privilege_escalation_in_your_AWS_environment" rel="internal">Detecting privilege escalation in your AWS environment</a></li> <li><a title="Analyzing AWS service action errors" href="https://lantern.splunk.com/Security/UCE/Foundational_Visibility/Compliance/Analyzing_AWS_service_action_errors" rel="internal">Analyzing AWS service action errors</a></li> </ul> </td> </tr> <tr> <td data-th="Source" style="vertical-align:top;">CloudTrail</td> <td data-th="Add-ons and Apps" style="vertical-align:top;"> <p><strong>Splunk SOAR</strong></p> <ul> <li><a title="https://splunkbase.splunk.com/app/5760" href="https://splunkbase.splunk.com/app/5760" target="_blank" rel="external noopener nofollow" class="link-https">AWS CloudTrail</a></li> </ul> </td> <td data-th="Guidance" style="vertical-align:top;"> <p>CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. You can use it to log, continuously monitor, and retain account activity related to actions across your AWS infrastructure. In the Common Information Model, CloudTrail log data is typically mapped to the <a href="https://docs.splunk.com/Documentation/CIM/latest/User/Authentication" rel="noopener" target="_blank">Authentication</a> and <a href="https://docs.splunk.com/Documentation/CIM/latest/User/Change" rel="noopener" target="_blank">Change</a> data models.</p> <p>CloudTrail data provides event history of your AWS account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services. It increases visibility into your user and resource activity by recording AWS Management Console actions and API calls so you can detect unusual activity.&nbsp;</p> <p><strong>Configuration</strong></p> <ul> <li><a title="Configuring AWS CloudTrail and CloudWatch data collection" href="https://lantern.splunk.com/Data_Descriptors/Amazon/Configuring_AWS_CloudTrail_and_CloudWatch_data_collection" rel="internal">Configuring AWS CloudTrail and CloudWatch data collection</a></li> <li><a title="Onboarding AWS CloudTrail data" href="https://lantern.splunk.com/Data_Descriptors/Amazon/Onboarding_AWS_CloudTrail_data" rel="internal">Onboarding AWS CloudTrail data</a></li> <li><a title="Using ingest actions to filter AWS CloudTrail logs" href="https://lantern.splunk.com/Splunk_Platform/Product_Tips/Data_Management/Using_ingest_actions_to_filter_AWS_CloudTrail_logs" rel="internal">Using ingest actions to filter AWS CloudTrail logs</a></li> </ul> <p><strong>Use cases</strong></p> <ul> <li><a title="Managing an Amazon Web Services environment" href="https://lantern.splunk.com/Observability/UCE/Foundational_visibility/IT_Ops/Managing_an_Amazon_Web_Services_environment" rel="internal">Managing an Amazon Web Services </a><a title="Managing an Amazon Web Services environment" href="https://lantern.splunk.com/Observability/UCE/Foundational_visibility/IT_Ops/Managing_an_Amazon_Web_Services_environment" rel="internal">environment</a></li> </ul> </td> </tr> <tr> <td data-th="Source" style="vertical-align:top;">CloudWatch</td> <td data-th="Add-ons and Apps" style="vertical-align:top;"> <p><strong>Splunk platform</strong></p> <ul> <li><a title="https://splunkbase.splunk.com/app/5302" href="https://splunkbase.splunk.com/app/5302" target="_blank" rel="external noopener nofollow" class="link-https">AWS Cloudwatch Integration</a></li> </ul> </td> <td data-th="Guidance" style="vertical-align:top;"> <p>CloudWatch is a service that provides data and actionable insights for AWS, hybrid, and on-premises applications and infrastructure resources. CloudWatch enables you to monitor your complete stack&nbsp;and leverage alarms, logs, and events data to take automated actions and reduce Mean Time to Resolution (MTTR). CloudWatch collects, aggregates, and summarizes compute utilization information like CPU, memory, disk, and network data, as well as diagnostic information like container restart failures, to help DevOps engineers isolate issues and resolve them quickly.</p> <p>CloudWatch gives you actionable insights that help you optimize application performance, manage resource utilization, and understand system-wide operational health. It&nbsp;allows you to perform historical analysis for cost optimization and derive real-time insights into optimizing applications and infrastructure resources.</p> <p><strong>Configuration</strong></p> <ul> <li><a title="Configuring AWS CloudTrail and CloudWatch data collection" href="https://lantern.splunk.com/Data_Descriptors/Amazon/Configuring_AWS_CloudTrail_and_CloudWatch_data_collection" rel="internal">Configuring AWS CloudTrail and CloudWatch data collection</a></li> </ul> <p><b>Use Case</b></p> <ul> <li><a title="Managing an Amazon Web Services environment" href="https://lantern.splunk.com/Observability/UCE/Foundational_visibility/IT_Ops/Managing_an_Amazon_Web_Services_environment" rel="internal">Managing an Amazon Web Services environment</a></li> </ul> </td> </tr> <tr> <td data-th="Source" style="vertical-align:top;">Elastic Kubernetes Service (EKS)</td> <td data-th="Add-ons and Apps" style="vertical-align:top;"> <p><strong>Splunk Observability Cloud</strong></p> <ul> <li><a title="https://splunkbase.splunk.com/app/6264" href="https://splunkbase.splunk.com/app/6264" target="_blank" rel="external noopener nofollow" class="link-https">Splunk OpenTelemetry Collector for Kubernetes</a></li> </ul> </td> <td data-th="Guidance" style="vertical-align:top;"> <p>Amazon Elastic Kubernetes Service (<strong><strong>Amazon EKS</strong></strong>) is a managed container service to run and scale Kubernetes applications in the cloud or on-premises.</p> <p><strong>Configuration</strong></p> <ul> <li><a href="https://docs.splunk.com/Observability/gdi/opentelemetry/install-k8s.html" rel="external noopener nofollow" target="_blank" title="https://docs.splunk.com/Observability/gdi/opentelemetry/install-k8s.html">Install on Kubernetes</a></li> <li><a href="https://docs.splunk.com/Observability/gdi/opentelemetry/kubernetes-config.html" rel="external noopener nofollow" target="_blank" title="https://docs.splunk.com/Observability/gdi/opentelemetry/kubernetes-config.html">Advanced configurations for Kubernetes</a></li> <li><a href="https://docs.splunk.com/Observability/gdi/get-data-in/compute/k8s.html" rel="external noopener nofollow" target="_blank" title="https://docs.splunk.com/Observability/gdi/get-data-in/compute/k8s.html">Collect Kubernetes data</a></li> </ul> <p><strong>Splunk Resources</strong></p> <ul> <li><a href="https://www.splunk.com/en_us/blog/devops/monitor-amazon-eks-anywhere-with-splunk.html?_ga=2.26493437.1588241168.1671065191-249072165.1671065191&amp;_gl=1*16syckh*_ga*MjQ5MDcyMTY1LjE2NzEwNjUxOTE.*_ga_5EPM2P39FV*MTY3MTY1MTE1Ni4xNy4xLjE2NzE2NTMwNTguMTAuMC4w" rel="external noopener nofollow" target="_blank" title="https://www.splunk.com/en_us/blog/devops/monitor-amazon-eks-anywhere-with-splunk.html">Monitor Amazon EKS Anywhere with Splunk</a></li> <li><a href="https://www.splunk.com/en_us/blog/devops/monitor-amazon-eks-distro-eks-d-with-splunk.html?_ga=2.26493437.1588241168.1671065191-249072165.1671065191&amp;_gl=1*16syckh*_ga*MjQ5MDcyMTY1LjE2NzEwNjUxOTE.*_ga_5EPM2P39FV*MTY3MTY1MTE1Ni4xNy4xLjE2NzE2NTMwNTguMTAuMC4w" rel="external noopener nofollow" target="_blank" title="https://www.splunk.com/en_us/blog/devops/monitor-amazon-eks-distro-eks-d-with-splunk.html">Monitor Amazon EKS Distro (EKS-D) with Splunk Infrastructure Monitoring</a></li> </ul> </td> </tr> <tr> <td data-th="Source" style="vertical-align:top;">Identity and Access Management (IAM)</td> <td data-th="Add-ons and Apps" style="vertical-align:top;"> <p><strong>Splunk SOAR</strong></p> <ul> <li><a title="https://splunkbase.splunk.com/app/5763" href="https://splunkbase.splunk.com/app/5763" target="_blank" rel="external noopener nofollow" class="link-https">AWS IAM</a></li> </ul> </td> <td data-th="Guidance" style="vertical-align:top;"> <p>AWS Identity and Access Management (IAM) provides fine-grained access control across all of AWS. With IAM, you can specify who can access which services and resources, and under which conditions. With IAM policies, you manage permissions to your workforce and systems to ensure least-privilege permissions.</p> <p><strong>Use Cases</strong></p> <ul> <li><a title="Detecting privilege escalation in your AWS environment" href="https://lantern.splunk.com/Security/UCE/Guided_Insights/Anomaly_detection/Detecting_privilege_escalation_in_your_AWS_environment" rel="internal">Detecting privilege escalation in your AWS environment</a></li> <li><a title="Detecting AWS security hub alerts" href="https://lantern.splunk.com/Security/UCE/Guided_Insights/Threat_hunting/Detecting_AWS_security_hub_alerts" rel="internal">Detecting AWS security hub alerts</a></li> <li><a title="Disabling inactive user accounts in AWS" href="https://lantern.splunk.com/Security/UCE/Foundational_Visibility/Incident_management/Disabling_inactive_user_accounts_in_AWS" rel="internal">Disabling inactive user accounts in AWS with Splunk SOAR</a></li> </ul> </td> </tr> <tr> <td data-th="Source" style="vertical-align:top;">Lambda</td> <td data-th="Add-ons and Apps" style="vertical-align:top;"> <p><strong>Splunk SOAR</strong></p> <ul> <li><a title="https://splunkbase.splunk.com/app/5765" href="https://splunkbase.splunk.com/app/5765" target="_blank" rel="external noopener nofollow" class="link-https">AWS Lambda</a></li> </ul> </td> <td data-th="Guidance" style="vertical-align:top;"> <p>Lambda is a compute service that lets you run code without provisioning or managing servers. Lambda runs your code on a high-availability compute infrastructure and performs all of the administration of the compute resources, including server and operating system maintenance, capacity provisioning and automatic scaling, code monitoring and logging.</p> <p><strong>Configuration</strong></p> <ul> <li><a title="https://docs.splunk.com/Observability/gdi/get-data-in/serverless/aws/splunk-otel-lambda-layer.html?" href="https://docs.splunk.com/Observability/gdi/get-data-in/serverless/aws/splunk-otel-lambda-layer.html?" target="_blank" rel="external noopener nofollow" class="link-https">Instrument AWS Lambda functions for Splunk Observability Cloud</a></li> <li><a title="https://dev.splunk.com/enterprise/docs/devtools/httpeventcollector/useawshttpcollector/?" href="https://dev.splunk.com/enterprise/docs/devtools/httpeventcollector/useawshttpcollector/?" target="_blank" rel="external noopener nofollow" class="link-https">Use AWS Lambda with HTTP Event Collector</a></li> </ul> <p><strong>Use Cases</strong></p> <ul> <li><a title="Monitoring AWS Lambda functions" href="https://lantern.splunk.com/Observability/UCE/Foundational_visibility/Optimize_Cloud/Monitoring_AWS_Lambda_functions" rel="internal">Monitoring AWS Lambda functions</a></li> <li><a title="Managing an Amazon Web Services environment" href="https://lantern.splunk.com/Observability/UCE/Foundational_visibility/IT_Ops/Managing_an_Amazon_Web_Services_environment" rel="internal">Managing an Amazon Web Services environment</a></li> <li><a title="Logging output from AWS Lambda functions" href="https://lantern.splunk.com/Observability/UCE/Foundational_visibility/IT_Ops/Managing_an_Amazon_Web_Services_environment/Logging_output_from_AWS_Lambda_functions" rel="internal">Logging output from AWS Lambda functions</a></li> </ul> </td> </tr> <tr> <td data-th="Source" style="vertical-align:top;">VPC Flow</td> <td data-th="Add-ons and Apps" style="vertical-align:top;"> <p>&nbsp;</p> </td> <td data-th="Guidance" style="vertical-align:top;"> <p>VPC Flow logs contain a comprehensive record of network traffic in and out of your AWS environment. By default, the record includes values for the different components of the IP flow, including the source, destination, and protocol. They are often used for troubleshooting connectivity issues across your VPCs, intrusion detection, or anomaly detection. In the Common Information Model, VPC flow log data is typically mapped to the <a href="https://docs.splunk.com/Documentation/CIM/latest/User/NetworkTraffic" rel="noopener" target="_blank">Network Traffic Data model</a>.</p> <p><b>Use Cases</b></p> <ul> <li><a title="Managing an Amazon Web Services environment" href="https://lantern.splunk.com/Observability/UCE/Foundational_visibility/IT_Ops/Managing_an_Amazon_Web_Services_environment" rel="internal">Managing an Amazon Web Services environment</a></li> <li><a title="Detecting AWS network ACL activity" href="https://lantern.splunk.com/Security/UCE/Guided_Insights/Threat_hunting/Detecting_AWS_network_ACL_activity" rel="internal">Detecting AWS network ACL activity</a></li> <li><a title="Using ingest actions to filter AWS VPC Flow Logs" href="https://lantern.splunk.com/Splunk_Platform/Product_Tips/Data_Management/Using_ingest_actions_to_filter_AWS_VPC_Flow_Logs" rel="internal">Using ingest actions to filter AWS VPC Flow Logs</a></li> </ul> </td> </tr> <tr> <td data-th="Source" style="vertical-align:top;">Kinesis Firehose</td> <td data-th="Add-ons and Apps" style="vertical-align:top;"> <p><strong>Splunk platform</strong></p> <ul> <li><a title="https://splunkbase.splunk.com/app/3719" href="https://splunkbase.splunk.com/app/3719" target="_blank" rel="external noopener nofollow" class="link-https">Splunk Add-on for Amazon Kinesis Firehose</a></li> </ul> </td> <td data-th="Guidance" style="vertical-align:top;"> <p><strong>Configuration</strong></p> <ul> <li><a title="https://docs.splunk.com/Documentation/AddOns/released/Firehose/About" href="https://docs.splunk.com/Documentation/AddOns/released/Firehose/About" target="_blank" rel="external noopener nofollow" class="link-https">About the Splunk Add-on for Amazon Kinesis Firehose</a></li> </ul> </td> </tr> <tr> <td data-th="Source" style="vertical-align:top;">Elastic Cloud Compute</td> <td data-th="Add-ons and Apps" style="vertical-align:top;"> <p><strong>Splunk SOAR</strong></p> <ul> <li><a title="https://splunkbase.splunk.com/app/5761" href="https://splunkbase.splunk.com/app/5761" target="_blank" rel="external noopener nofollow" class="link-https">AWS EC2</a></li> </ul> </td> <td data-th="Guidance" style="vertical-align:top;"> <p><strong>Use Cases</strong></p> <ul> <li><a title="Managing an Amazon Web Services environment" href="https://lantern.splunk.com/Observability/UCE/Foundational_visibility/IT_Ops/Managing_an_Amazon_Web_Services_environment" rel="internal">Managing an Amazon Web Services environment</a></li> </ul> </td> </tr> <tr> <td data-th="Source" style="vertical-align:top;">Simple Storage Service (S3)</td> <td data-th="Add-ons and Apps" style="vertical-align:top;"> <p><strong>Splunk SOAR</strong></p> <ul> <li><a title="https://splunkbase.splunk.com/app/5766" href="https://splunkbase.splunk.com/app/5766" target="_blank" rel="external noopener nofollow" class="link-https">AWS S3</a></li> </ul> </td> <td data-th="Guidance" style="vertical-align:top;"> <p><strong>Use Cases</strong></p> <ul> <li><a title="Managing an Amazon Web Services environment" href="https://lantern.splunk.com/Observability/UCE/Foundational_visibility/IT_Ops/Managing_an_Amazon_Web_Services_environment" rel="internal">Managing an Amazon Web Services environment</a></li> <li><a title="Monitoring AWS S3 for suspicious activities" href="https://lantern.splunk.com/Security/UCE/Guided_Insights/Threat_hunting/Monitoring_AWS_S3_for_suspicious_activities" rel="internal">Monitoring AWS S3 for suspicious activities</a></li> <li><a title="Ingesting AWS S3 data written by ingest actions" href="https://lantern.splunk.com/Data_Descriptors/Amazon/Ingesting_AWS_S3_data_written_by_ingest_actions" rel="internal">Ingesting AWS S3 data written by ingest actions</a></li> <li><a title="Using federated search for Amazon S3 (FS-S3) with ingest actions" href="https://lantern.splunk.com/Data_Descriptors/Amazon/Using_federated_search_for_Amazon_S3_(FS-S3)_with_ingest_actions" rel="internal">Using federated search for Amazon S3 (FS-S3) with ingest actions</a></li> <li><a title="Using federated search for Amazon S3 (FS-S3) with Edge Processor" href="https://lantern.splunk.com/Data_Descriptors/Amazon/Using_federated_search_for_Amazon_S3_(FS-S3)_with_Edge_Processor" rel="internal">Using federated search for Amazon S3 (FS-S3) with Edge Processor</a></li> <li><a title="Implementing a reingestion pipeline for AWS logs using Kinesis Data Firehose" href="https://lantern.splunk.com/Data_Descriptors/Amazon/Implementing_a_reingestion_pipeline_for_AWS_logs_using_Kinesis_Data_Firehose" rel="internal">Implementing a reingestion pipeline for AWS logs using Kinesis Data Firehose</a></li> <li><a title="Using federated search for Amazon S3 (FS-S3) to filter, enrich, and retrieve data from Amazon S3" href="https://lantern.splunk.com/Data_Descriptors/Amazon/Using_federated_search_for_Amazon_S3_(FS-S3)_to_filter%2C_enrich%2C_and_retrieve_data_from_Amazon_S3" rel="internal">Using federated search for Amazon S3 (FS-S3) to filter, enrich, and retrieve data from Amazon S3</a></li> <li><a title="Sending masked PII data to the Splunk platform and routing unmasked data to federated search for Amazon S3 (FS-S3)" href="https://lantern.splunk.com/Security/UCE/Foundational_Visibility/Compliance/Sending_masked_PII_data_to_the_Splunk_platform_and_routing_unmasked_data_to_federated_search_for_Amazon_S3_(FS-S3)" rel="internal">Sending masked PII data to the Splunk platform and routing unmasked data to federated search for Amazon S3 (FS-S3)</a></li> </ul> </td> </tr> <tr> <td data-th="Source" style="vertical-align:top;">Web Application Firewall</td> <td data-th="Add-ons and Apps" style="vertical-align:top;"> <p><strong>Splunk platform</strong></p> <ul> <li><a title="https://splunkbase.splunk.com/app/4714" href="https://splunkbase.splunk.com/app/4714" target="_blank" rel="external noopener nofollow" class="link-https">AWS Web Application Firewall Add-on</a></li> </ul> <p><strong>Splunk SOAR</strong></p> <ul> <li><a title="https://splunkbase.splunk.com/app/5770" href="https://splunkbase.splunk.com/app/5770" target="_blank" rel="external noopener nofollow" class="link-https">AWS WAF V2</a></li> </ul> </td> <td data-th="Guidance" style="vertical-align:top;">&nbsp;</td> </tr> <tr> <td data-th="Source" style="vertical-align:top;">Security Token Service</td> <td data-th="Add-ons and Apps" style="vertical-align:top;"> <p><strong>Splunk SOAR</strong></p> <ul> <li><a title="https://splunkbase.splunk.com/app/5768" href="https://splunkbase.splunk.com/app/5768" target="_blank" rel="external noopener nofollow" class="link-https">AWS Security Token Service</a></li> </ul> </td> <td data-th="Guidance" style="vertical-align:top;"> <p>&nbsp;</p> </td> </tr> <tr> <td data-th="Source" style="vertical-align:top;">Security Hub</td> <td data-th="Add-ons and Apps" style="vertical-align:top;"> <p><strong>Splunk SOAR</strong></p> <ul> <li><a title="https://splunkbase.splunk.com/app/5767" href="https://splunkbase.splunk.com/app/5767" target="_blank" rel="external noopener nofollow" class="link-https">AWS Security Hub</a></li> </ul> </td> <td data-th="Guidance" style="vertical-align:top;"> <p><strong>Use Cases</strong></p> <ul> <li><a title="Detecting AWS security hub alerts" href="https://lantern.splunk.com/Security/UCE/Guided_Insights/Threat_hunting/Detecting_AWS_security_hub_alerts" rel="internal">Detecting AWS security hub alerts</a></li> </ul> </td> </tr> </tbody> </table> </div></div> </div> </div> <div class="mt-content-footer"> <p>&nbsp;</p> </div> <ol class="grape-meta-data grape-meta-article-navigation"> <li class="grape-back-to-top"><a class="mt-icon-back-to-top" href="#title" id="mt-back-to-top" title="Jump back to top of this article">Back to top</a></li> <li class="grape-article-pagination"><ul class="mt-article-pagination"> <li class="mt-pagination-previous"> <a class="mt-icon-previous-article" href="https://lantern.splunk.com/Data_Descriptors/Apache" title="Apache"><span>Apache</span></a> </li> <li class="mt-pagination-next"> <a class="mt-icon-next-article" href="https://lantern.splunk.com/Data_Descriptors/Amazon/Configuring_AWS_CloudTrail_and_CloudWatch_data_collection" title="Configuring AWS CloudTrail and CloudWatch data collection"><span>Configuring AWS CloudTrail and CloudWatch data collection</span></a> </li> </ul> </li> </ol> </div> </div> <div class="grape-footer grape-wrapper"> <div class="grape-wrapper-container"> <ol> <li class="grape-footer-copyright">&copy; Copyright 2024 Splunk Lantern</li> <li class="grape-footer-powered-by"><a href="https://mindtouch.com/demo" class="mt-poweredby product " title="MindTouch" target="_blank"> Powered by CXone Expert <span class="mt-registered">&reg;</span> </a></li> </ol> </div> </div> <div class="grape-footer-custom"> <div class="content-seperator-top"><p></p></div><div class="footer-wrapper"><footer><div class="footer-content-wrapper"><div class="footer-content-column"><div class="base-content"><div class="logo-container"><img src="/@api/deki/files/4014/Cisco-Splunk-Small-Transparent.png?origin=mt-web&lt;/div&gt;" alt="" /></div><div class="social-icon-container"><ul class="social-icon-list"><li class="social-icon-list-item"><a target="_blank" href="https://twitter.com/splunk" rel="external noopener nofollow" class="mt-icon-twitter4 link-https"></a></li><li class="social-icon-list-item"><a target="_blank" href="https://www.facebook.com/splunk" rel="external noopener nofollow" class="mt-icon-facebook6 link-https"></a></li><li class="social-icon-list-item"><a target="_blank" href="https://www.linkedin.com/company/splunk" rel="external noopener nofollow" class="mt-icon-linkedin2 link-https"></a></li><li class="social-icon-list-item"><a target="_blank" href="https://www.youtube.com/user/splunkvideos" rel="external noopener nofollow" class="mt-icon-youtube link-https"></a></li><li class="social-icon-list-item"><a target="_blank" href="https://www.instagram.com/splunk/" rel="external noopener nofollow" class="mt-icon-instagram3 link-https"></a></li></ul></div></div><div class="copyright-content"><p>&copy; 2005-2024 Splunk LLC All rights reserved.</p></div><div class="sitemap-content"><div class="sitemap-item"><a target="_blank" href="https://www.splunk.com/en_us/legal.html" rel="external noopener nofollow" class="link-https">Legal</a></div><div class="sitemap-item"><a target="_blank" href="https://www.splunk.com/en_us/legal/patents.html" rel="external noopener nofollow" class="link-https">Patents</a></div><div class="sitemap-item"><a target="_blank" href="https://www.splunk.com/en_us/legal/privacy/privacy-policy.html" rel="external noopener nofollow" class="link-https">Privacy</a></div><div class="sitemap-item"><a target="_blank" href="https://www.splunk.com/en_us/site-map.html" rel="external noopener nofollow" class="link-https">Sitemap</a></div><div class="sitemap-item"><a target="_blank" href="https://www.splunk.com/en_us/legal/terms/terms-of-use.html" rel="external noopener nofollow" class="link-https">Website Terms of Use</a></div></div></div></div></footer></div> <script type="text/javascript">/*<![CDATA[*/ const articleTitleContainer = document.querySelector(".elm-content-container header"); const articleTextContainer = document.querySelector("section.mt-content-container"); const sideNav = document.querySelector("aside.mt-content-side"); const burger = document.getElementById("side-nav-toggle-container"); function toggleSideNav() { articleTitleContainer.classList.toggle("side-nav-open"); articleTextContainer.classList.toggle("side-nav-open"); sideNav.classList.toggle("side-nav-open"); burger.classList.toggle("close"); } burger.addEventListener("click", toggleSideNav);/*]]>*/</script> <ol id="custom-classification-list" class="elm-meta-data elm-meta-bottom"></ol> <script type="text/javascript">/*<![CDATA[*/ document.addEventListener("DOMContentLoaded", function(event) { var pageTitle = document.getElementById("title"); var classifications = document.querySelector(".elm-classifications"); var listContainer = document.getElementById("custom-classification-list"); if (classifications) { var clone = classifications.cloneNode(true); listContainer.appendChild(clone); insertAfter(listContainer, pageTitle); var classificationsTop = document.querySelector("#custom-classification-list .elm-classifications"); var yesArr = classificationsTop.children; var check = checkClass(yesArr); console.log(check); if (check === 0) { listContainer.style.display = "none"; } else { listContainer.style.display = "block"; } } }); function insertAfter(newNode, existingNode) { existingNode.parentNode.insertBefore(newNode, existingNode.nextSibling); } function checkClass(arr) { var number = 0; for (var i =0; i < arr.length; i++) { var names = arr[i].classList; if (names[1].includes("mt-classification-technical-app-") || names[1].includes("mt-classification-technical-addon-") || names[1].includes("mt-classification-applied-product-")) { number++; } } return number; }/*]]>*/</script> </div> <script>/*<![CDATA[*/ dataLayer.push({"Pro_Member":seated}) /*]]>*/</script> <script>/*<![CDATA[*/ dataLayer.push({event:"Demandbase_Loaded"}); /*]]>*/</script> <script>/*<![CDATA[*/ /* * Hide default searchbar. * Show search bar only in default search page */ if (window.location?.pathname !== "/Special:Search") { const searchbarContainer = document.getElementsByClassName("elm-global-search"); if (searchbarContainer && searchbarContainer[0]) { searchbarContainer[0].replaceChildren(); } } /* * Set header background color to transparent * when user is in search page * In search page there is no search bar, then we can hide this header */ if (window.location?.pathname === "/Search") { const header = document.getElementsByClassName("elm-header-user-nav elm-nav"); if (header && header[0]) { header[0].style.backgroundColor = "transparent"; } } /*]]>*/</script> <script>/*<![CDATA[*/ /* * Render IT search bar component * Render in al locations different than new Search page */ if (window.location?.pathname !== "/Search") { const customThemeDefault = ` #sui-id-search-box-input-wrapper input { max-width: 100%; } `; const getSearchBarConfig = () => { return { env: "prod", language: "en", showSearchButton: false, searchBarRedirectUrl: "/Search", }; }; function renderSplunkSearchBarComponent() { const container = document.getElementById("ui-search-bar-container"); const headerContainer = document.getElementsByClassName("elm-global-search"); if (container) { const cc = document.createElement("wplt-search-bar-web-component"); cc.config = { ...getSearchBarConfig(), customTheme: customThemeDefault }; container.replaceChildren(cc); } if (headerContainer && headerContainer[0]) { const cc = document.createElement("wplt-search-bar-web-component"); cc.config = getSearchBarConfig(); headerContainer[0].replaceChildren(cc); } } } else { function renderSplunkSearchBarComponent() {} } /*]]>*/</script> <script defer="defer" onload="renderSplunkSearchBarComponent()" src="https://d38eume8qu1hmc.cloudfront.net/1.1.48/searchBar.js" type="text/javascript"></script> <script>/*<![CDATA[*/ /* * Render ITs Search component * Render only in search page */ if (window.location?.pathname === "/Search") { const getSearchConfig = () => { return { env: "prod", shouldClearFiltersOnNewSearch: false, language: "en", sideContentItems: "source_name_s,article_content_area_s,datePicker", analyticsConfig: { applicationName: "lantern", }, disclaimerSettings: { disableDisclaimer: true, }, initialFilters: [ { name: "source_name_s", value: ["Lantern"], type: "any", }, ], }; }; function renderSplunkSearchComponent() { const container = document.getElementById("ui-search-container"); if (container) { const cc = document.createElement("wplt-search-web-component"); cc.config = getSearchConfig(); container.replaceChildren(cc); } } } else { function renderSplunkSearchComponent() {} } /*]]>*/</script> <script defer="defer" onload="renderSplunkSearchComponent()" src="https://d38eume8qu1hmc.cloudfront.net/1.1.48/search.js" type="text/javascript"></script> <style>/*<![CDATA[*/ .elm-global-search { width: 50%; } /*]]>*/</style> </body> </html>

Pages: 1 2 3 4 5 6 7 8 9 10