Sold by: Splunk
Deployed on AWS
The Splunk Enterprise container image accelerates the speed at which organizations deploy Splunk Enterprise in AWS.
4.3
Overview
The Splunk Enterprise container image accelerates the speed at which organizations deploy Splunk Enterprise in AWS. Splunk Enterprise is the leading platform for Operational Intelligence, delivering an easy, fast, and secure way to search, analyze and visualize the massive streams of machine data generated by your IT systems and technology infrastructure-physical, virtual and in the cloud.
Highlights
- Collect and index any machine-generated data from virtually any source or location in real time. Just point Splunk Enterprise at your data, and it immediately starts collecting and indexing-so you can start searching and analyzing.
- With Splunk Enterprise, you can correlate complex events spanning many diverse data sources across your environment. Types of correlations include time-based correlations, transaction-based correlations, sub-searches, lookups, and joins.
- Splunk Enterprise scales to collect and index tens of terabytes of data per day. And because the insights from your data are mission critical, Splunk Enterprise's clustering technology provides the availability you need, even as you scale out your low-cost, distributed computing environment.
Details
Sold by
Categories
Delivery method
Supported services
Delivery option
Splunk Enterprise Docker Image
Latest version
Operating system
Linux
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing and entitlements for this product are managed through an external billing relationship between you and the vendor. You activate the product by supplying a license purchased outside of AWS Marketplace, while AWS provides the infrastructure required to launch the product. AWS Subscriptions have no end date and may be canceled any time. However, the cancellation won't affect the status of the external license.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Vendor refund policy
Refunds are not available
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Splunk Enterprise Docker Image
Supported services: Learn more
- Amazon ECS
Container image
Containers are lightweight, portable execution environments that wrap server application software in a filesystem that includes everything it needs to run. Container applications run on supported container runtimes and orchestration services, such as Amazon Elastic Container Service (Amazon ECS) or Amazon Elastic Kubernetes Service (Amazon EKS). Both eliminate the need for you to install and operate your own container orchestration software by managing and scheduling containers on a scalable cluster of virtual machines.
Version release notes
Additional details
Usage instructions
-
Install and configure the AWS CLI for deploying and managing the Splunk Docker instances. Please review https://docs.aws.amazon.com/cli/latest/userguide/installing.html for details.
-
Retrieve the login command to authenticate your Docker client to your registry:
aws ecr get-login --no-include-email --region us-east-1 --registry-ids 217273820646
The response will be as follows:
docker login -u AWS -p <....>
- Enter the login command retrieved in step 2. On successful login the following message will be seen :
Login Succeeded
- Now pull the docker image
docker pull 217273820646.dkr.ecr.us-east-1.amazonaws.com/00afcccb-7187-4e20-b391-afef9d004be5/cg-3264970572/splunk:7.2.0-latest
- Start a single instance of the container in the following way :
docker run -d -p 8001:8000 -e 'SPLUNK_START_ARGS=--accept-license' -e 'SPLUNK_PASSWORD=Chang3d!' splunk/splunk:latest
- The above command publishes the container's port 8000 on which the Splunk web service runs to port 8001 of the AWS host. To access Splunk web enter http://localhost:8001/ in your browser and login to Splunk with the password that was passed at the command line. Review https://github.com/splunk/docker-splunk for more details on using the Splunk Docker image.
Resources
Vendor resources
Support
Vendor support
Options available
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
The Splunk Enterprise AMI accelerates the speed at which organizations deploy Splunk Enterprise in AWS..
This is Splunk distribution of the OpenTelemetry Collector. It provides a unified way to receive, process, and export metric, trace, and log data for Splunk.
If you are looking for security and operational visibility across your AWS environment including applications, infrastructure and AWS services such as CloudTrail, Config, VPC Flow Logs, and more then Splunk Cloud is the right solution for you.
The official Splunk remote MCP server is built to help you unlock data potential in Splunk Cloud Platform with the AI and Agentic tools of your choice. Seamlessly integrate advanced analytics and intelligent automation to gain deeper insights, enhance operational efficiency, and drive informed decisions. Leverage a trusted, Splunk supported solution designed for optimal performance and unparalleled data utilization within your Splunk Cloud Platform environment. Rest assured, your data remains safe and secure, with robust controls honoring your existing Role Based Access Control (RBAC) policies. Maximize your data's impact with cutting edge AI and flexible agentic capabilities.
Customer reviews
Nishith J.
SPL search and dashboards are really useful
Reviewed on Mar 26, 2026
Review provided by G2
What do you like best about the product?
What I like most about Splunk Enterprise is its powerful search capabilities using SPL, which make it easy to analyze large volumes of log data quickly. It’s very useful for monitoring systems, identifying issues, and building dashboards for real-time insights. The flexibility in creating custom queries and visualizations is a big advantage
What do you dislike about the product?
One of the main drawbacks is the cost, especially as data ingestion increases.
What problems is the product solving and how is that benefiting you?
Splunk Enterprise helps solve the problem of dealing with large volumes of log data coming from different systems. Without it, troubleshooting and monitoring can be time-consuming because the data is scattered. With Splunk, it becomes easier to centralize logs, search through them quickly, and identify issues in real time. This helps reduce debugging time and improves overall system monitoring
Marco O.
Splunk’s for SOC Operations
Reviewed on Mar 24, 2026
Review provided by G2
What do you like best about the product?
What I like most about Splunk is how well it integrates with many well-known products, along with its very clear, easy-to-use dashboards. On top of that, the search system is incredibly versatile and works especially well for SOC operations.
What do you dislike about the product?
The main downside of Splunk is that it’s still quite expensive compared to other vendors. As a service provider, I also find it difficult to position with clients, because the costs can climb quickly and the overall price becomes high.
What problems is the product solving and how is that benefiting you?
Splunk helps us address security issues for our clients. Its fast query capabilities and event correlation add an important layer to our security operations, making it easier to investigate and connect related activity when incidents come up.
Telecommunications
Centralized, Reliable, and Easy to Use Daily
Reviewed on Mar 16, 2026
Review provided by G2
What do you like best about the product?
I love how fast and flexible Splunk is. The search and reporting tools make it really easy to dig through logs, spot issues, and monitor system performance. It integrates well with other tools we use, and honestly, we use it every single day.
What do you dislike about the product?
It can get expensive as your data grows, and some of the more advanced features take a while to learn. But once you get the hang of it, it’s extremely powerful.
What problems is the product solving and how is that benefiting you?
Before Splunk, finding the root cause of an issue could take hours. Now, everything’s centralized, so we can troubleshoot faster, catch problems before they escalate, and keep systems running smoothly. It’s become a critical part of our daily workflow
Information Technology and Services
Splunk, The Best and What Needs Improvement
Reviewed on Feb 03, 2026
Review provided by G2
What do you like best about the product?
Splunk is an extremely versatile platform that offers a wide range of intuitive dashboards for viewing observability and security events within an organization. Its native integration capability stands out, which is very simple and efficient to implement.
What do you dislike about the product?
Currently, following its acquisition by Cisco, the Splunk platform has stagnated. It is not advancing in innovation or improvements at the pace demanded by the market.
What problems is the product solving and how is that benefiting you?
Splunk offers a platform that simplifies visibility into an organization's operations, covering both observability and security. This tool is essential for improving efficiency in cybersecurity monitoring processes.
Sujit S.
Effortless Integration and Dynamic Dashboards Enhance Incident Management
Reviewed on Jan 21, 2026
Review provided by G2
What do you like best about the product?
It is easy to integrate with Ms Purview DLP technology. Dynamic Dashboard are very useful for incident management.
What do you dislike about the product?
What I dislike about Splunk Enterprise is that it can get expensive, especially as the data volume grows. The initial setup and writing queries can also feel complex for new users, and it often takes skilled resources to manage it efficiently. As a result, day-to-day operations can be a bit challenging for smaller teams.
What problems is the product solving and how is that benefiting you?
Splunk Enterprise helps by bringing all logs and data into one place, instead of checking multiple systems separately. It makes it easier to spot problems, security issues, or errors quickly. This saves time, reduces manual effort, and helps us fix issues faster before they impact users