Overview

The Splunk Enterprise container image accelerates the speed at which organizations deploy Splunk Enterprise in AWS. Splunk Enterprise is the leading platform for Operational Intelligence, delivering an easy, fast, and secure way to search, analyze and visualize the massive streams of machine data generated by your IT systems and technology infrastructure-physical, virtual and in the cloud.

Highlights

Collect and index any machine-generated data from virtually any source or location in real time. Just point Splunk Enterprise at your data, and it immediately starts collecting and indexing-so you can start searching and analyzing.
With Splunk Enterprise, you can correlate complex events spanning many diverse data sources across your environment. Types of correlations include time-based correlations, transaction-based correlations, sub-searches, lookups, and joins.
Splunk Enterprise scales to collect and index tens of terabytes of data per day. And because the insights from your data are mission critical, Splunk Enterprise's clustering technology provides the availability you need, even as you scale out your low-cost, distributed computing environment.

Details

Sold by

Splunk

Pricing

Splunk Enterprise Docker Image

Info

View purchase options

Pricing and entitlements for this product are managed outside of AWS Marketplace through an external billing relationship between you and the vendor. You activate the product by supplying an existing license purchased outside of AWS Marketplace, while AWS provides the infrastructure required to launch the product. Subscriptions have no end date and may be cancelled any time. However, the cancellation won't affect the status of an active license if it was purchased outside of AWS Marketplace.

Vendor refund policy

Refunds are not available

Legal

Vendor terms and conditions

Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

Content disclaimer

Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

Usage information

Info

Delivery details

Splunk Enterprise Docker Image

Supported services: Learn more

Amazon ECS

Container image

Containers are lightweight, portable execution environments that wrap server application software in a filesystem that includes everything it needs to run. Container applications run on supported container runtimes and orchestration services, such as Amazon Elastic Container Service (Amazon ECS) or Amazon Elastic Kubernetes Service (Amazon EKS). Both eliminate the need for you to install and operate your own container orchestration software by managing and scheduling containers on a scalable cluster of virtual machines.

Version release notes

https://docs.splunk.com/Documentation/Splunk/8.2.4/ReleaseNotes/MeetSplunk

Additional details

Usage instructions

Install and configure the AWS CLI for deploying and managing the Splunk Docker instances. Please review https://docs.aws.amazon.com/cli/latest/userguide/installing.html for details.
Retrieve the login command to authenticate your Docker client to your registry:

aws ecr get-login --no-include-email --region us-east-1 --registry-ids 217273820646

The response will be as follows:

docker login -u AWS -p <....>

Enter the login command retrieved in step 2. On successful login the following message will be seen :

Now pull the docker image

docker pull 217273820646.dkr.ecr.us-east-1.amazonaws.com/00afcccb-7187-4e20-b391-afef9d004be5/cg-3264970572/splunk:7.2.0-latest

Start a single instance of the container in the following way :

docker run -d -p 8001:8000 -e 'SPLUNK_START_ARGS=--accept-license' -e 'SPLUNK_PASSWORD=Chang3d!' splunk/splunk:latest

The above command publishes the container's port 8000 on which the Splunk web service runs to port 8001 of the AWS host. To access Splunk web enter http://localhost:8001/ in your browser and login to Splunk with the password that was passed at the command line. Review https://github.com/splunk/docker-splunk for more details on using the Splunk Docker image.

Resources

Vendor resources

Company Overview

Datasheet

Support

Vendor support

Options available

Get support

AWS infrastructure support

AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

Get support

Similar products

Splunk Enterprise

By Splunk

The Splunk Enterprise AMI accelerates the speed at which organizations deploy Splunk Enterprise in AWS..

View product

Splunk Distribution of the OpenTelemetry Collector

By Splunk

This is Splunk distribution of the OpenTelemetry Collector. It provides a unified way to receive, process, and export metric, trace, and log data for Splunk.

View product

Splunk Cloud

By Splunk

If you are looking for security and operational visibility across your AWS environment including applications, infrastructure and AWS services such as CloudTrail, Config, VPC Flow Logs, and more then Splunk Cloud is the right solution for you.

View product

Splunk Cloud [Private Offer Only]

By Carahsoft Technology Corp.

If you're looking for security and operational visibility across your AWS environment - including applications, infrastructure and AWS services such as CloudTrail, Config, VPC Flow Logs, and more - then Splunk Cloud is the right solution for you.

View product

Customer reviews

Write a review

Ratings and reviews

Info

0 ratings

5 star

4 star

3 star

2 star

1 star

0 AWS reviews

406 external reviews

External reviews are sourced from G2 and are not included in the star rating for this product.

shiboo s.

Splunk is great tool for the Security Incident monitoring and Investigation

Reviewed on Oct 23, 2024

Review provided by G2

What do you like best about the product?

It provides real-time insights and monitoring, which is crucial for identifying and addressing issues promptly. The search processing language (SPL) is powerful and flexible, allowing users to perform complex queries and analyses. Splunk is very user friendly, easy to implement and integrate.

What do you dislike about the product?

Cost is the one thing that i will keep under dislike but they have mow come up with diffrent licensing model that is competing with others.

What problems is the product solving and how is that benefiting you?

Splunk is effectively helping you monitor data from various log sources and conduct security incident investigations.

Leave a comment 0 comments

Luis P.

Splunk Review

Reviewed on Jul 16, 2024

Review provided by G2

What do you like best about the product?

a powerfull tool with alot of potencial to make more ease the work

What do you dislike about the product?

the app for integration for other tecnologys is limited after new version of splunk

What problems is the product solving and how is that benefiting you?

help to the monitoring infraestructure with dashboards and alerts to can more ease and simple to preven incidents

Leave a comment 0 comments

Luis S.

Good Product - Bad News Cisco

Reviewed on Jul 11, 2024

Review provided by G2

What do you like best about the product?

Easy to use
Easy To integrated Source
Easy to scale

What do you dislike about the product?

The licensing model is not easy to sell or control, and the sale to a manufacturer like Cisco is creating difficulties in the sales process for companies dedicated to marketing cyber security solutions.

What problems is the product solving and how is that benefiting you?

monitoring, detection and response to security incidents.

Leave a comment 0 comments

Computer & Network Security

SPlunk for SIEM

Reviewed on May 07, 2024

Review provided by G2

What do you like best about the product?

Its simplicity to gather/search the data that I need

What do you dislike about the product?

Not a lot of information about the product of easy access

What problems is the product solving and how is that benefiting you?

Integration of network elements to our SIEM

Leave a comment 0 comments

Inayath K.

Splunk enterprise is best next GEN SIEM solution

Reviewed on Apr 28, 2024

Review provided by G2

What do you like best about the product?

Splunk is a multipurpose tool, which can be used for Visulizing the data in the form of Dashboards with dynamic drill downs, UBA, Incident review Dashboard, wide variety of integration support with existing Add-ons.

What do you dislike about the product?

Bundle replication & dispatch directories are two main reasons for Splunk Enterprise crash, these are not being addressed since long.

What problems is the product solving and how is that benefiting you?

Preventing the organisation from CyberAttacks with the existing usecase library to alert when there is a suspicious activity identified.

Dashboards that allows customers to visualize the data the way they want.

Multi correlation that allows to correlate & create the best usecase to minimise false positives.

Leave a comment 0 comments

View all reviews