Sold by: Splunk
Deployed on AWS
The Splunk Enterprise container image accelerates the speed at which organizations deploy Splunk Enterprise in AWS.
4.3
Overview
The Splunk Enterprise container image accelerates the speed at which organizations deploy Splunk Enterprise in AWS. Splunk Enterprise is the leading platform for Operational Intelligence, delivering an easy, fast, and secure way to search, analyze and visualize the massive streams of machine data generated by your IT systems and technology infrastructure-physical, virtual and in the cloud.
Highlights
- Collect and index any machine-generated data from virtually any source or location in real time. Just point Splunk Enterprise at your data, and it immediately starts collecting and indexing-so you can start searching and analyzing.
- With Splunk Enterprise, you can correlate complex events spanning many diverse data sources across your environment. Types of correlations include time-based correlations, transaction-based correlations, sub-searches, lookups, and joins.
- Splunk Enterprise scales to collect and index tens of terabytes of data per day. And because the insights from your data are mission critical, Splunk Enterprise's clustering technology provides the availability you need, even as you scale out your low-cost, distributed computing environment.
Details
Sold by
Categories
Delivery method
Supported services
Delivery option
Splunk Enterprise Docker Image
Latest version
Operating system
Linux
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing and entitlements for this product are managed through an external billing relationship between you and the vendor. You activate the product by supplying a license purchased outside of AWS Marketplace, while AWS provides the infrastructure required to launch the product. AWS Subscriptions have no end date and may be canceled any time. However, the cancellation won't affect the status of the external license.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Vendor refund policy
Refunds are not available
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Splunk Enterprise Docker Image
Supported services: Learn more
- Amazon ECS
Container image
Containers are lightweight, portable execution environments that wrap server application software in a filesystem that includes everything it needs to run. Container applications run on supported container runtimes and orchestration services, such as Amazon Elastic Container Service (Amazon ECS) or Amazon Elastic Kubernetes Service (Amazon EKS). Both eliminate the need for you to install and operate your own container orchestration software by managing and scheduling containers on a scalable cluster of virtual machines.
Version release notes
Additional details
Usage instructions
-
Install and configure the AWS CLI for deploying and managing the Splunk Docker instances. Please review https://docs.aws.amazon.com/cli/latest/userguide/installing.html for details.
-
Retrieve the login command to authenticate your Docker client to your registry:
aws ecr get-login --no-include-email --region us-east-1 --registry-ids 217273820646
The response will be as follows:
docker login -u AWS -p <....>
- Enter the login command retrieved in step 2. On successful login the following message will be seen :
Login Succeeded
- Now pull the docker image
docker pull 217273820646.dkr.ecr.us-east-1.amazonaws.com/00afcccb-7187-4e20-b391-afef9d004be5/cg-3264970572/splunk:7.2.0-latest
- Start a single instance of the container in the following way :
docker run -d -p 8001:8000 -e 'SPLUNK_START_ARGS=--accept-license' -e 'SPLUNK_PASSWORD=Chang3d!' splunk/splunk:latest
- The above command publishes the container's port 8000 on which the Splunk web service runs to port 8001 of the AWS host. To access Splunk web enter http://localhost:8001/ in your browser and login to Splunk with the password that was passed at the command line. Review https://github.com/splunk/docker-splunk for more details on using the Splunk Docker image.
Resources
Vendor resources
Support
Vendor support
Options available
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
The Splunk Enterprise AMI accelerates the speed at which organizations deploy Splunk Enterprise in AWS..
This is Splunk distribution of the OpenTelemetry Collector. It provides a unified way to receive, process, and export metric, trace, and log data for Splunk.
If you are looking for security and operational visibility across your AWS environment including applications, infrastructure and AWS services such as CloudTrail, Config, VPC Flow Logs, and more then Splunk Cloud is the right solution for you.
The official Splunk remote MCP server is built to help you unlock data potential in Splunk Cloud Platform with the AI and Agentic tools of your choice. Seamlessly integrate advanced analytics and intelligent automation to gain deeper insights, enhance operational efficiency, and drive informed decisions. Leverage a trusted, Splunk supported solution designed for optimal performance and unparalleled data utilization within your Splunk Cloud Platform environment. Rest assured, your data remains safe and secure, with robust controls honoring your existing Role Based Access Control (RBAC) policies. Maximize your data's impact with cutting edge AI and flexible agentic capabilities.
Customer reviews
Information Technology and Services
Splunk, The Best and What Needs Improvement
Reviewed on Feb 03, 2026
Review provided by G2
What do you like best about the product?
Splunk is an extremely versatile platform that offers a wide range of intuitive dashboards for viewing observability and security events within an organization. Its native integration capability stands out, which is very simple and efficient to implement.
What do you dislike about the product?
Currently, following its acquisition by Cisco, the Splunk platform has stagnated. It is not advancing in innovation or improvements at the pace demanded by the market.
What problems is the product solving and how is that benefiting you?
Splunk offers a platform that simplifies visibility into an organization's operations, covering both observability and security. This tool is essential for improving efficiency in cybersecurity monitoring processes.
Sujit S.
Effortless Integration and Dynamic Dashboards Enhance Incident Management
Reviewed on Jan 21, 2026
Review provided by G2
What do you like best about the product?
It is easy to integrate with Ms Purview DLP technology. Dynamic Dashboard are very useful for incident management.
What do you dislike about the product?
What I dislike about Splunk Enterprise is that it can get expensive, especially as the data volume grows. The initial setup and writing queries can also feel complex for new users, and it often takes skilled resources to manage it efficiently. As a result, day-to-day operations can be a bit challenging for smaller teams.
What problems is the product solving and how is that benefiting you?
Splunk Enterprise helps by bringing all logs and data into one place, instead of checking multiple systems separately. It makes it easier to spot problems, security issues, or errors quickly. This saves time, reduces manual effort, and helps us fix issues faster before they impact users
Rajesh M.
Essential, Feature-Rich SIEM Tool for IT Security
Reviewed on Dec 26, 2025
Review provided by G2
What do you like best about the product?
Easy to use SIEM tool with lots of features that is necessary in the IT security sector.
What do you dislike about the product?
Splunk has met all my requirements so far.
What problems is the product solving and how is that benefiting you?
Helps with detecting and identifying security events.
RaviShankar S.
Outstanding Observability and Log Management Across All Platforms
Reviewed on Dec 04, 2025
Review provided by G2
What do you like best about the product?
Splunk Enterprise is an excellent end-to-end observability tool for log management, metrics, and traces, as well as for performing AIOps to manage IT infrastructure. It supports all major cloud platforms, including Azure, GCP, AWS, and VMware, along with legacy infrastructure hosting platforms such as Linux, on-premises VMware, and Hyper-V.
What do you dislike about the product?
Daily Log Data size cap is bit low for the Enteprise Organizations running thousands of workloads. Renewal costs are high. Need formal training to support and manage the Platform.
What problems is the product solving and how is that benefiting you?
Log management, E2E Observability Platform , URL monitoring, Digital User experience monitoring, SLO,SLA improvement. Root Cause Analysis during incidents.
Satheesh R.
Effortless Setup and Configuration
Reviewed on Nov 07, 2025
Review provided by G2
What do you like best about the product?
Easy of use and setting up configurations
What do you dislike about the product?
License cost is heavy and which required most of the storage and when dealing with large data, performance will be degraded
What problems is the product solving and how is that benefiting you?
Monitoring