Overview
The Splunk Enterprise container image accelerates the speed at which organizations deploy Splunk Enterprise in AWS. Splunk Enterprise is the leading platform for Operational Intelligence, delivering an easy, fast, and secure way to search, analyze and visualize the massive streams of machine data generated by your IT systems and technology infrastructure: physical, virtual and in the cloud.
Highlights
- Collect and index any machine-generated data from virtually any source or location in real time. Just point Splunk Enterprise at your data, and it immediately starts collecting and indexing, so you can start searching and analyzing.
- With Splunk Enterprise, you can correlate complex events spanning many diverse data sources across your environment. Types of correlations include time-based correlations, transaction-based correlations, sub-searches, lookups, and joins.
- Splunk Enterprise scales to collect and index tens of terabytes of data per day. And because the insights from your data are mission critical, Splunk Enterprise's clustering technology provides the availability you need, even as you scale out your low-cost, distributed computing environment.
Details
Pricing
Vendor refund policy
Refunds are not available
Delivery details
Splunk Enterprise Docker Image
- Amazon ECS
Container image
Containers are lightweight, portable execution environments that wrap server application software in a filesystem that includes everything it needs to run. Container applications run on supported container runtimes and orchestration services, such as Amazon Elastic Container Service (Amazon ECS) or Amazon Elastic Kubernetes Service (Amazon EKS). Both eliminate the need for you to install and operate your own container orchestration software by managing and scheduling containers on a scalable cluster of virtual machines.
Additional details
Usage instructions
- Install and configure the AWS CLI for deploying and managing the Splunk Docker instances. Please review https://docs.aws.amazon.com/cli/latest/userguide/installing.html for details.
- Retrieve the login command to authenticate your Docker client to your registry:
  aws ecr get-login --no-include-email --region us-east-1 --registry-ids 217273820646
  The response will be as follows:
  docker login -u AWS -p <....>
- Enter the login command retrieved in step 2. On successful login, the following message is shown:
  Login Succeeded
- Now pull the Docker image:
  docker pull 217273820646.dkr.ecr.us-east-1.amazonaws.com/00afcccb-7187-4e20-b391-afef9d004be5/cg-3264970572/splunk:7.2.0-latest
- Start a single instance of the container in the following way:
  docker run -d -p 8001:8000 -e 'SPLUNK_START_ARGS=--accept-license' -e 'SPLUNK_PASSWORD=Chang3d!' splunk/splunk:latest
- The above command publishes the container's port 8000, on which the Splunk Web service runs, to port 8001 of the AWS host. To access Splunk Web, enter http://localhost:8001/ in your browser and log in to Splunk with the password that was passed on the command line. Review https://github.com/splunk/docker-splunk for more details on using the Splunk Docker image.
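A hardened variant of steps 2 to 5, added here as an example and not taken from the vendor's instructions: it logs in with `aws ecr get-login-password` piped to `docker login --password-stdin` (the `get-login` subcommand no longer exists in AWS CLI v2), runs the image pulled from ECR rather than `splunk/splunk:latest`, keeps a generated admin password in a mode-0600 env file instead of passing the sample `Chang3d!` on the command line, and publishes Splunk Web on the host's loopback address only. The registry ID, region and image path come from the page; the file name `splunk.env`, the function names, the `AWS`/`DOCKER` override variables and the `deploy` argument are assumptions of this example.

```shell
#!/bin/sh
# Added example, not vendor code. Values marked "from the page" are copied
# from the usage instructions; everything else is an assumption.
set -eu

REGION="us-east-1"                       # from the page
REGISTRY_ID="217273820646"               # from the page
REGISTRY="${REGISTRY_ID}.dkr.ecr.${REGION}.amazonaws.com"
IMAGE="${REGISTRY}/00afcccb-7187-4e20-b391-afef9d004be5/cg-3264970572/splunk:7.2.0-latest"
ENV_FILE="${ENV_FILE:-./splunk.env}"     # assumed file name
AWS="${AWS:-aws}"                        # set AWS=echo / DOCKER=echo for a dry run
DOCKER="${DOCKER:-docker}"

# 16 bytes from the kernel CSPRNG, printed as 32 hex characters.
gen_password() {
    od -An -N16 -tx1 /dev/urandom | tr -d ' \n'
}

# Write the container environment to a file only the owner can read, so the
# password never appears in shell history or in the process argument list.
write_env_file() {
    rm -f "$1"
    ( umask 077
      printf 'SPLUNK_START_ARGS=--accept-license\nSPLUNK_PASSWORD=%s\n' \
          "$(gen_password)" >"$1" )
}

# The registry token travels over a pipe instead of "docker login -p <token>".
registry_login() {
    "$AWS" ecr get-login-password --region "$REGION" |
        "$DOCKER" login --username AWS --password-stdin "$REGISTRY"
}

# Pull and run the same image reference; bind Splunk Web to loopback so the
# plain-HTTP port is not exposed on the host's external interfaces.
start_splunk() {
    "$DOCKER" pull "$IMAGE"
    "$DOCKER" run -d -p 127.0.0.1:8001:8000 --env-file "$ENV_FILE" "$IMAGE"
}

# Nothing touches AWS or Docker unless the script is invoked as: sh script.sh deploy
if [ "${1:-}" = "deploy" ]; then
    write_env_file "$ENV_FILE"
    registry_login
    start_splunk
fi
```

With the loopback binding, http://localhost:8001/ works from the host itself; from a workstation, reach it through an SSH port forward rather than opening port 8001 in the security group.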
Support
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Customer reviews
Splunk is a great tool for Security Incident monitoring and Investigation
Splunk Review
Good Product - Bad News Cisco
Easy to Integrate Source
Easy to scale
Splunk for SIEM
Splunk Enterprise is the best next-gen SIEM solution
Dashboards that allow customers to visualize the data the way they want.
Multi-correlation that allows you to correlate and create the best use case to minimise false positives.