Federated Search 1.0 Demo

Splunk-side

AWS Account ID
889918306825
Region
us-east-1
CSV File S3 URI
s3://logs-collected-depot-889918306825-us-east-1/firewall_logs_demo.csv
CloudTrail Logs S3 URI
s3://aws-logs-889918306825-us-east-1/cloudtrail/AWSLogs
VPC Flow Logs Bucket S3 URI
s3://aws-logs-889918306825-us-east-1/vpc-flow-logs/AWSLogs
Glue Database
cisco-firewall-logs
Glue Table
logs-collected-depot

AWS-side

Automatic

Enter Splunk Cloud details to fetch inputs automatically.

Inputs

Resulting Policy

{
  "Effect": "Allow",
  "Principal": {
    "AWS": "arn:aws:iam::{splunk_aws_account_id}:{splunk_co2_stack}"
  }
  ...
}