Sign in
Sign in
or
Create a new account
Categories
Your Saved List Become a Channel Partner Sell in AWS Marketplace Amazon Web Services Home Help

Splunk Enterprise

Splunk | 9.2.1

Linux/Unix, Amazon Linux 2 - 64-bit Amazon Machine Image (AMI)

Reviews from AWS Marketplace

14 AWS reviews

External reviews

400 reviews
from G2

External reviews are not included in the AWS star rating for the product.

    Doug Toppin

Excellent for trying out Splunk

  • September 03, 2015
  • Review verified by AWS Marketplace

I wanted to try out a few add-ons to Splunk and this worked perfectly for me. Having an AMI with a ready to go Splunk server and MongoDB combined with a recommended security group made it very easy to start using immediately. I was also able to install the Splunk Mobile Access Server on this instance and connected using the associated iOS and Android apps. If I had any recommendation for Splunk it would be to include the MAS on this AMI as well.
No complaints at all.

    Chad Brigance

More time splunking. Less time installing.

  • June 12, 2015
  • Review verified by AWS Marketplace

Up and running with Splunk in minutes. This was so easy it was not even funny. It look me longer to set up data feeds than it did preparing Splunk to receive them.

Totally thrilled and pleased. This was a life saver.

Splunk's home for indexes is on the root partition by default. 8GB of SSD storage for the / partition will probably not be enough for you.

Add a 500GB or 1TB magnetic volume and move splunk's index home there before you get started.

    AWS Admins

Good but not ready for Production

  • June 03, 2015
  • Review verified by AWS Marketplace

I liked the fact that there was a splunk AMI and you can spin up splunk really fast. I was able to build an instance and be up in a matter of minutes. The issues I have with the AMI is that there is currently no support for the new C4 instances. I wanted to build a beefy splunk server with the latest CPUs since searches are CPU heavy and I'm not able to do that now. I also noticed that the AMI does not address disabling Transparent Huge Pages which splunk recommends. This can cause a 30% performance degradation. http://docs.splunk.com/Documentation/Splunk/6.2.3/ReleaseNotes/SplunkandTHP

So, because I couldn't use the instance I wanted, I can't really use this AMI for my needs. I can use it for testing no problem though. The THP issues is not that big because you can disable it easy enough but if splunk is touting this AMI as a recommended configuration I would like to see the THP addressed since it causes performance issues.

    David Greenwood

One-click Splunk!

  • March 12, 2015
  • Review verified by AWS Marketplace

From no Splunk to Splunk in minutes. I was able to start collecting and analysing my data within the hour.

showing 11 - 14