Each of Splunk’s serverless application Lambdas is designed to let you deploy all the AWS infrastructure needed to start streaming a variety of AWS data sources into Splunk in a scalable, straightforward and automated manner. This blog provides high-level information for the POC and the steps it requires:
Requirements:
11. Let’s try the setup! Generate some sample findings from the settings page of the GuardDuty console in AWS. After Splunk receives these sample findings, the user should see events flowing to our Search head. First, a quick look at how to do this: open the GuardDuty console from the AWS Services menu and click on “Get Started”.
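A check to run on the events that arrive, as an added example that is not part of the original post or of Splunk's Lambda code: it separates GuardDuty sample findings from real ones, so the test data can be confirmed and kept out of alerting. It assumes events keep the CloudWatch Events envelope (`source`, `detail-type`, `detail`) and that sample findings are marked by `service.additionalInfo.sample` or a `[SAMPLE]` title prefix; the events below are constructed.

```python
import json

# Constructed events in the CloudWatch Events envelope that GuardDuty emits.
# IDs and titles are invented for this example.
EVENTS = [
    {"source": "aws.guardduty", "detail-type": "GuardDuty Finding",
     "detail": {"id": "f-0001", "type": "Recon:EC2/PortProbeUnprotectedPort",
                "severity": 2, "title": "[SAMPLE] Unprotected port is being probed.",
                "service": {"additionalInfo": {"sample": True}}}},
    {"source": "aws.guardduty", "detail-type": "GuardDuty Finding",
     "detail": {"id": "f-0002", "type": "UnauthorizedAccess:EC2/SSHBruteForce",
                "severity": 5, "title": "SSH brute force attempt against an instance.",
                "service": {"additionalInfo": {"value": "{}", "type": "default"}}}},
    {"source": "aws.ec2", "detail-type": "EC2 Instance State-change Notification",
     "detail": {"state": "running"}},
]


def is_guardduty_finding(event):
    return (event.get("source") == "aws.guardduty"
            and event.get("detail-type") == "GuardDuty Finding")


def is_sample(detail):
    """True if the finding is marked as GuardDuty test data (assumed markers)."""
    info = (detail.get("service") or {}).get("additionalInfo") or {}
    if info.get("sample") is True:
        return True
    value = info.get("value")
    if isinstance(value, str):  # additionalInfo may also arrive as a JSON string
        try:
            parsed = json.loads(value)
            if isinstance(parsed, dict) and parsed.get("sample") is True:
                return True
        except ValueError:
            pass
    return str(detail.get("title", "")).startswith("[SAMPLE]")


def summarize(events):
    """Split findings into sample and real; count everything else as ignored."""
    result = {"sample": [], "real": [], "ignored": 0}
    for event in events:
        if not is_guardduty_finding(event):
            result["ignored"] += 1
            continue
        detail = event.get("detail") or {}
        result["sample" if is_sample(detail) else "real"].append(detail.get("type"))
    return result
```

Running `summarize` over events exported from the Search head after the test shows whether every sample finding arrived and whether any real finding is mixed in with the test data.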
Rishabh is currently working as a Splunk and Security Professional Services Consultant at Crest Data Systems. Rishabh has been consulting with Fortune 500 and global enterprise customers and has been an active member of Cyber Security and Infrastructure Reliability communities for 6+ years. Rishabh is an accredited consultant for Splunk Core, Splunk Enterprise Security, Splunk UBA for SIEM and Phantom for SOAR based applications. He has been a frequent speaker at DefCon and other Cyber Security Conferences.