Splunk with AWS – monitoring, incident reporting, enhanced security, compliance reporting

The benefits of Splunk for Cloud/AWS (in particular deployments) include the following:

  • -Aggregated logs and metrics of all information and data points within the architecture
  • -Enhanced Security monitoring
  • -Resource utilisation improvement and cost savings
  • -Compliance and client reporting

Splunk integrates with CloudWatch (OS, Hypervisor) metrics, Trusted-Advisor (resource usage, security), along with Cloud Trail (API).  It also monitors instances, VPC flows, access and security issues.  Information is rolled up within a Dashboard and granular notifications can be set which delineate high importance items from less vital issues. Splunk does not replace but greatly enhances native AWS monitoring and logging services.  An overview from a client’s perspective on what Splunk can offer.

 

 

Metrics: