Quick Start Update: Deploy Splunk Enterprise on the AWS Cloud
AWS is pleased to release a major update to the Splunk Enterprise Quick Start, focused on high availability and ease of use.
This Quick Start was created by AWS solutions architects in collaboration with Splunk to help you deploy Splunk Enterprise on the AWS Cloud easily and quickly. This update includes the following features:
- Multi-AZ deployment that can span three Availability Zones in all supported regions, while making the indexer and search head clustering AZ-aware
- Automatic configuration of the HTTP Event Collector (HEC) across the indexer tier to enable easier data onboarding
- Pre-configured indexer discovery, which allows forwarders to automatically load balance across all available indexer nodes, including any that are later added to the cluster
Splunk Enterprise enables you to search, monitor, and analyze machine data from any source to gain valuable intelligence and insights across your entire organization.
The Quick Start uses AWS CloudFormation templates to automatically deploy Splunk Enterprise into your AWS account. It uses the Amazon Machine Image (AMI) for Splunk Enterprise running on Amazon Linux to set up EC2 instances. You can also use the templates as a starting point for your own implementation, by downloading them from the GitHub repository.
To get started, use the following resources:
- View architecture and details
- View the deployment guide
- Browse and launch other AWS Quick Start reference deployments
About Quick Starts
Quick Starts are automated reference deployments for key workloads on the AWS Cloud. Each Quick Start launches, configures, and runs the AWS compute, network, storage, and other services required to deploy a specific workload on AWS, using AWS best practices for security and availability.