All Apps and Add-ons

Can spunk detect when someone launches an app from AWS market place (AWS App?)

brent_weaver
Builder

is there a way to get insight to see when people launch Amazon Marketplace apps? We would then like to use this as an audit flag.

Any thoughts are much appreciated!

Tags (2)
0 Karma
1 Solution

DalJeanis
SplunkTrust
SplunkTrust

Okay, so the technical side of the question is, "What kind of events can/does AWS Marketplace generate that can be ingested by splunk?"

But, really, the answer seems to be, "there's an app for that..."

https://splunkbase.splunk.com/app/1274/

View solution in original post

0 Karma

DalJeanis
SplunkTrust
SplunkTrust

Okay, so the technical side of the question is, "What kind of events can/does AWS Marketplace generate that can be ingested by splunk?"

But, really, the answer seems to be, "there's an app for that..."

https://splunkbase.splunk.com/app/1274/

0 Karma

brent_weaver
Builder

LOVE IT! I will dig deeper into this app but when I looked at it the first time i did not see anything about capturing marketplace transactions. Please ppont to where this is stated in the documentation. Like you said, what trypes of events get generated by AWS Marketplae that splunk can capture.

0 Karma

DalJeanis
SplunkTrust
SplunkTrust

What people, specifically? What is your relationship to the apps that you want to monitor? You need to be much more specific in your question, in order to get useful feedback.

Splunk can ingest anything that you would like to send it. If you are attempting to monitor, for example, what your employees are doing on their desktops, then the question has to do with what information your firewall and DNS/DHCP server(s) are collecting while serving their web browsing needs.

On the other hand, if you are running a store on Amazon marketplace, it's a completely different question.

0 Karma

brent_weaver
Builder

well i guess we would like to audit if someone launches something from the marketplace in our account. Someone would be an employee of our company that has access to even do such thing.

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...