The Splunk Enterprise container image accelerates the speed at which organizations deploy Splunk Enterprise in AWS.
Overview
The Splunk Enterprise container image accelerates the speed at which organizations deploy Splunk Enterprise in AWS. Splunk Enterprise is the leading platform for Operational Intelligence, delivering an easy, fast, and secure way to search, analyze and visualize the massive streams of machine data generated by your IT systems and technology infrastructure-physical, virtual and in the cloud.
Highlights
- Collect and index any machine-generated data from virtually any source or location in real time. Just point Splunk Enterprise at your data, and it immediately starts collecting and indexing-so you can start searching and analyzing.
- With Splunk Enterprise, you can correlate complex events spanning many diverse data sources across your environment. Types of correlations include time-based correlations, transaction-based correlations, sub-searches, lookups, and joins.
- Splunk Enterprise scales to collect and index tens of terabytes of data per day. And because the insights from your data are mission critical, Splunk Enterprise's clustering technology provides the availability you need, even as you scale out your low-cost, distributed computing environment.
Details
Sold by
Categories
Delivery method
Delivery option
Splunk Enterprise Docker Image
Latest version
Operating system
Linux
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing and entitlements for this product are managed outside of AWS Marketplace through an external billing relationship between you and the vendor. You activate the product by supplying an existing license purchased outside of AWS Marketplace, while AWS provides the infrastructure required to launch the product. Subscriptions have no end date and may be cancelled any time. However, the cancellation won't affect the status of an active license if it was purchased outside of AWS Marketplace.
Vendor refund policy
Refunds are not available
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Splunk Enterprise Docker Image
Supported services: Learn more
- Amazon ECS
Container image
Containers are lightweight, portable execution environments that wrap server application software in a filesystem that includes everything it needs to run. Container applications run on supported container runtimes and orchestration services, such as Amazon Elastic Container Service (Amazon ECS) or Amazon Elastic Kubernetes Service (Amazon EKS). Both eliminate the need for you to install and operate your own container orchestration software by managing and scheduling containers on a scalable cluster of virtual machines.
Version release notes
Additional details
Usage instructions
-
Install and configure the AWS CLI for deploying and managing the Splunk Docker instances. Please review https://docs.aws.amazon.com/cli/latest/userguide/installing.html for details.
-
Retrieve the login command to authenticate your Docker client to your registry:
aws ecr get-login --no-include-email --region us-east-1 --registry-ids 217273820646
The response will be as follows:
docker login -u AWS -p <....>
- Enter the login command retrieved in step 2. On successful login the following message will be seen :
Login Succeeded
- Now pull the docker image
docker pull 217273820646.dkr.ecr.us-east-1.amazonaws.com/00afcccb-7187-4e20-b391-afef9d004be5/cg-3264970572/splunk:7.2.0-latest
- Start a single instance of the container in the following way :
docker run -d -p 8001:8000 -e 'SPLUNK_START_ARGS=--accept-license' -e 'SPLUNK_PASSWORD=Chang3d!' splunk/splunk:latest
- The above command publishes the container's port 8000 on which the Splunk web service runs to port 8001 of the AWS host. To access Splunk web enter http://localhost:8001/ in your browser and login to Splunk with the password that was passed at the command line. Review https://github.com/splunk/docker-splunk for more details on using the Splunk Docker image.
Resources
Vendor resources
Support
Vendor support
Options available
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Splunk Enterprise
By Splunk
The Splunk Enterprise AMI accelerates the speed at which organizations deploy Splunk Enterprise in AWS..
This is Splunk distribution of the OpenTelemetry Collector. It provides a unified way to receive, process, and export metric, trace, and log data for Splunk.
Splunk Cloud
By Splunk
If you are looking for security and operational visibility across your AWS environment including applications, infrastructure and AWS services such as CloudTrail, Config, VPC Flow Logs, and more then Splunk Cloud is the right solution for you.
![Splunk Cloud [Private Offer Only]](https://d7umqicpi7263.cloudfront.net/img/product/0989d196-08c5-47c0-9b23-ae45fba1f4b0.png)
Splunk Cloud [Private Offer Only]
By Carahsoft Technology Corp.
If you're looking for security and operational visibility across your AWS environment - including applications, infrastructure and AWS services such as CloudTrail, Config, VPC Flow Logs, and more - then Splunk Cloud is the right solution for you.
Customer reviews
shiboo s.
Splunk is great tool for the Security Incident monitoring and Investigation
Reviewed on Oct 23, 2024
Review provided by G2
What do you like best about the product?
It provides real-time insights and monitoring, which is crucial for identifying and addressing issues promptly. The search processing language (SPL) is powerful and flexible, allowing users to perform complex queries and analyses. Splunk is very user friendly, easy to implement and integrate.
What do you dislike about the product?
Cost is the one thing that i will keep under dislike but they have mow come up with diffrent licensing model that is competing with others.
What problems is the product solving and how is that benefiting you?
Splunk is effectively helping you monitor data from various log sources and conduct security incident investigations.
Leave a comment0 comments
Luis P.
Splunk Review
Reviewed on Jul 16, 2024
Review provided by G2
What do you like best about the product?
a powerfull tool with alot of potencial to make more ease the work
What do you dislike about the product?
the app for integration for other tecnologys is limited after new version of splunk
What problems is the product solving and how is that benefiting you?
help to the monitoring infraestructure with dashboards and alerts to can more ease and simple to preven incidents
Luis S.
Good Product - Bad News Cisco
Reviewed on Jul 11, 2024
Review provided by G2
What do you like best about the product?
Easy to use
Easy To integrated Source
Easy to scale
Easy To integrated Source
Easy to scale
What do you dislike about the product?
The licensing model is not easy to sell or control, and the sale to a manufacturer like Cisco is creating difficulties in the sales process for companies dedicated to marketing cyber security solutions.
What problems is the product solving and how is that benefiting you?
monitoring, detection and response to security incidents.
Inayath K.
Splunk enterprise is best next GEN SIEM solution
Reviewed on Apr 28, 2024
Review provided by G2
What do you like best about the product?
Splunk is a multipurpose tool, which can be used for Visulizing the data in the form of Dashboards with dynamic drill downs, UBA, Incident review Dashboard, wide variety of integration support with existing Add-ons.
What do you dislike about the product?
Bundle replication & dispatch directories are two main reasons for Splunk Enterprise crash, these are not being addressed since long.
What problems is the product solving and how is that benefiting you?
Preventing the organisation from CyberAttacks with the existing usecase library to alert when there is a suspicious activity identified.
Dashboards that allows customers to visualize the data the way they want.
Multi correlation that allows to correlate & create the best usecase to minimise false positives.
Dashboards that allows customers to visualize the data the way they want.
Multi correlation that allows to correlate & create the best usecase to minimise false positives.
Shivakumar V.
A tool to analyze your logs and data
Reviewed on Apr 28, 2024
Review provided by G2
What do you like best about the product?
It is easier to write SPL queries than SQL, and you can create your own custom Splunk commands where you can write your own Python scripts to handle complex data types like JSON, which has a nested level of 3 or 4. It is easy to create visualizations and get insights out of the data through commands like charts, stats, etc. It has a vast level of customer support, and when the developer or the user gets stuck, it has great documentation to resolve the issue.
What do you dislike about the product?
The resources splunk software takes when it handles a complex query makes you crazy and it has everything a developer needs, but when it comes to the licensing, it is a bit costly.
What problems is the product solving and how is that benefiting you?
The business problem that Splunk solved was creating a custom visualization using Java scripts for rendering a train track, like the current movement of the train on the map or track layout, and also the custom filters that are created with the help of Javascript. I think this is the best thing where I got the most out of Splunk Enterprise here.