I am new to Splunk. We are currently using ESM from McAfee, but I need to collect logs from AWS. Can someone tell me what needs to be done to do this?
Do I need to install an agent on AWS?
What does the Splunk App for AWS give me and how do I install it? I currently have a splunk-app-for-aws_500.tgz file.
Thanks!
The documentation for the Splunk Add-on for AWS can be found at https://docs.splunk.com/Documentation/AddOns/released/AWS/Description
The Splunk app is the GUI portion. The add-on pulls data.
...and if you are new to Splunk, read the general information about add-ons to understand what they are, how they work, and how to install them.
Thank you. We are using enterprise Splunk, so I needed to install the AWS app on the deployment server and then the add-on to the search head. I am able to configure the AWS, but it looks like there is a permissions issue with the account that was created for me.