
    Splunk Enterprise

    Sold by: Splunk 
    Deployed on AWS
    AWS Free Tier
    The Splunk Enterprise AMI accelerates the speed at which organizations deploy Splunk Enterprise in AWS.

    Overview

    The Splunk Enterprise AMI accelerates the speed at which organizations deploy Splunk Enterprise in AWS. Splunk Enterprise is the leading platform for Operational Intelligence, delivering an easy, fast, and secure way to search, analyze and visualize the massive streams of machine data generated by your IT systems and technology infrastructure - physical, virtual and in the cloud. Use this AMI to take Splunk for a test drive, or as the basis for your Enterprise-level deployment. The Splunk Enterprise AMI ships with a fully-featured trial license that is valid for 60 days after launch. After the trial expires, your deployment will default to Splunk Free.

    Highlights

    • Collect and index any machine-generated data from virtually any source or location in real time. Just point Splunk Enterprise at your data, and it immediately starts collecting and indexing--so you can start searching and analyzing.
    • With Splunk Enterprise, you can correlate complex events spanning many diverse data sources across your environment. Types of correlations include time-based correlations, transaction-based correlations, sub-searches, lookups, and joins.
    • Splunk Enterprise scales to collect and index tens of terabytes of data per day. And because the insights from your data are mission critical, Splunk Enterprise's clustering technology provides the availability you need, even as you scale out your low-cost, distributed computing environment.

    Details

    Sold by

    Delivery method

    Delivery option
    64-bit (x86) Amazon Machine Image (AMI)

    Latest version

    Operating system
    AmazonLinux 2023

    Deployed on AWS


    Pricing

    Splunk Enterprise

    Pricing and entitlements for this product are managed through an external billing relationship between you and the vendor. You activate the product by supplying a license purchased outside of AWS Marketplace, while AWS provides the infrastructure required to launch the product. AWS Subscriptions have no end date and may be canceled any time. However, the cancellation won't affect the status of the external license.
    Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.

    Vendor refund policy

    Refunds are not available

    Custom pricing options

    Request a private offer to receive a custom quote.


    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA).

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information


    Delivery details

    64-bit (x86) Amazon Machine Image (AMI)

    Amazon Machine Image (AMI)

    An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.

    Version release notes

    To learn what's new in Enterprise 9.4.3, please visit https://docs.splunk.com/Documentation/Splunk/9.4.3/ReleaseNotes/MeetSplunk 

    Additional details

    Usage instructions

    Get started with Splunk Web:

    • In your EC2 Management Console, find your instance running Splunk Enterprise.
    • Copy its public IP.
    • Paste the public IP into a new browser tab (do not hit enter yet).
    • Append :8000 to the end of the IP.
    • Hit enter.
    • Log into Splunk for the first time with the following credentials:
        • username: admin
        • password for Enterprise 7.2.5 and above: SPLUNK-$instance-id$
        • password for Enterprise 7.2.0 and below: $instance-id$

    Modify the instance's security groups to allow or deny IP addresses per your requirements. By default, access is open to all IP addresses.

    Read more about the Splunk Enterprise AMI here: https://docs.splunk.com/Documentation/Splunk/latest/Admin/AbouttheSplunkAMI 

    Upgrade Instructions: http://docs.splunk.com/Documentation/Splunk/latest/Installation/HowtoupgradeSplunk 

    Resources

    Support

    Vendor support

    Options available

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Product comparison

    Updated weekly

    Accolades

    Top 10 in Migration
    Top 10 in Data Anonymization, Data Security and Governance


    Overview

    AI generated from product descriptions
    Data Collection
    Capable of collecting and indexing machine-generated data from diverse sources in real-time
    Event Correlation
    Supports complex event correlations across multiple data sources using time-based, transaction-based, sub-searches, lookups, and joins
    Scalability
    Scales to collect and index tens of terabytes of data per day with distributed computing architecture
    Clustering Technology
    Provides high availability and distributed computing capabilities for mission-critical data insights
    Machine Data Analysis
    Enables searching, analyzing, and visualizing massive streams of machine data from physical, virtual, and cloud infrastructure
    Data Collection and Indexing
    Real-time collection and indexing of machine-generated data from diverse sources and locations
    Event Correlation
    Advanced correlation capabilities including time-based, transaction-based, sub-searches, lookups, and joins across multiple data sources
    Scalability
    Capability to collect and index tens of terabytes of data per day with distributed computing architecture
    High Availability
    Clustering technology ensuring continuous data availability and system reliability during scale-out operations
    Machine Data Analysis
    Comprehensive platform for searching, analyzing, and visualizing massive streams of machine data from physical, virtual, and cloud infrastructures
    Data Processing Engine
    "Vendor-neutral processing engine for centralized parsing and processing of event data from multiple sources"
    Data Routing Capabilities
    "Ability to route, optimize, reformat, enrich, and structure data for different destinations in real-time"
    Authentication Mechanism
    "Supports external authentication through LDAP, Splunk, and OpenID Connect identity providers"
    Worker Infrastructure
    "Configurable worker groups, worker processes, and edge nodes with scalable deployment options"
    Data Optimization
    "Advanced data stream reduction capability, capable of trimming up to 50% of unused log and metric data"

    Contract

    Standard contract
    No
    No
    No

    Customer reviews

    Ratings and reviews

    3.3 (16 ratings)
    5 star: 44%
    4 star: 13%
    3 star: 6%
    2 star: 6%
    1 star: 31%
    16 AWS reviews | 445 external reviews
    Star ratings include only reviews from verified AWS customers. External reviews can also include a star rating, but star ratings from external reviews are not averaged in with the AWS customer star ratings.
    UzairKhan

    Delivers financial benefits and operational efficiency with impactful data analytics capabilities

    Reviewed on May 09, 2025
    Review provided by PeerSpot

    What is our primary use case?

    The use cases for Splunk Enterprise Platform vary depending on the specific scenario.

    Splunk Enterprise Platform has different purposes, including data visualization and other applications.

    What is most valuable?

    In Splunk Enterprise Platform, the most impactful features for data analytics allow you to get into the repository.

    There are financial benefits from using Splunk Enterprise Platform, and as a retailer, it provides better profit margins.

    Splunk Enterprise enhances data analytics with its AI capabilities.

    What needs improvement?

    For future updates of Splunk Enterprise Platform, I would like to see integration by GUI.

    The integration should be improved with the UI.

    For how long have I used the solution?

    I have been using Splunk Enterprise Platform for about two years.

    What was my experience with deployment of the solution?

    There are no significant challenges in deploying Splunk Enterprise Platform.

    The challenges or pain points others should anticipate before implementing Splunk Enterprise Platform are mostly related to the integration part.

    How was the initial setup?

    The time it takes to deploy Splunk Enterprise Platform depends on the use cases.

    It may take anywhere from a couple of hours to a couple of weeks for Splunk Enterprise Platform deployment.

    What about the implementation team?

    The same three people take part in the deployment of Splunk Enterprise Platform.

    I do not take part in the deployment; my team does.

    What other advice do I have?

    My advice for those looking to implement Splunk Enterprise Platform is to know the product well and have hands-on workshops or create a lab to gain complete knowledge before proceeding.

    Regarding maintenance, it does not require much as it is on-premises.

    Overall, I would rate Splunk Enterprise Platform an eight.

    Which deployment model are you using for this solution?

    On-premises

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Other
    Madhu Shri

    User-friendly interface accelerates task approval but update confirmations occasionally delay

    Reviewed on Apr 24, 2025
    Review provided by PeerSpot

    What is our primary use case?

    I normally use Splunk Enterprise Platform for review purposes. It is very easy and convenient. Its GUI is easy for me to review and approve all those things.

    What is most valuable?

    Splunk Enterprise Platform is very easy and convenient to use. The graphical user interface is easy for me to review and approve tasks. It saves time by allowing me to perform actions on a single platform instead of managing them separately. Additionally, its real-time processing capability is very good.

    What needs improvement?

    The only problem I have with Splunk Enterprise Platform is that sometimes when I update a review, it takes time to receive confirmation emails. This happens very rarely, maybe once or twice a month. I feel this can be improved in terms of performance.

    For how long have I used the solution?

    I have been using Splunk Enterprise Platform for three years.

    What do I think about the stability of the solution?

    Splunk Enterprise Platform is very stable.

    What do I think about the scalability of the solution?

    Splunk Enterprise Platform is scalable to some extent, which is acceptable. However, when I connect via VPN, it may take time to launch.

    How are customer service and support?

    I haven't got any support yet, so I can't comment on this as of now.

    How would you rate customer service and support?

    What was our ROI?

    Splunk Enterprise Platform saves approximately 20 to 30 percent of my time without having to perform different actions separately.

    What other advice do I have?

    My overall experience with Splunk Enterprise Platform rates around seven out of ten points. The main issues are regarding updating reviews and scalability, which may take some time when connecting via VPN. I would rate the overall solution 7 out of 10.

    Which deployment model are you using for this solution?

    On-premises
    Subol S.

    Great product poor customer service

    Reviewed on Apr 24, 2025
    Review provided by G2
    What do you like best about the product?
    Simple and easy to use for a product that offers a lot
    What do you dislike about the product?
    Cost and customer support if an issue arises
    What problems is the product solving and how is that benefiting you?
    It provides a framework for enterprise security
    F. Seki

    Citizen programming facilitates efficient threat detection and enhances business logic

    Reviewed on Apr 22, 2025
    Review from a verified AWS customer

    What is our primary use case?

    I focus on threat detection against stock trading systems. I am in charge of five to seven stock trading companies' B2C systems for detecting threat attacks. Our customers include several stock trading companies, banks and large mobile carriers in Japan.

    How has it helped my organization?

    We built a threat detection system for our client company, one of the biggest security companies in Japan, using Splunk Enterprise Platform. We started a new business on this platform to provide threat detection systems to stock trading system companies and banks, expanding our customer base.

    What is most valuable?

    One valuable feature of Splunk Enterprise Platform is citizen programming, which allows users to manage and compute huge stream-based datasets easily using SPL language. The second feature is its ability to perform matrix-like stream calculations concurrently, improving upon traditional SIEM tools. Finally, Splunk's Machine Learning Toolkit is offered without charge, allowing users to incorporate machine learning in their business logic, aiding in procedures like threat hunting.

    What needs improvement?

    Splunk could improve by enhancing its graphical view functionality. Compared to other BI tools, Splunk's graphic features are limited; some customers desire detailed, rich visual effects, like world maps showing threat attacks as animations. Additionally, the deep learning capabilities need enhancing, especially on Splunk Cloud, where customers find it challenging to use deep learning tools without setting up backend computing resources.

    For how long have I used the solution?

    I have over 14 years of experience with Splunk Enterprise Platform, beginning my first evaluation in 2011.

    What do I think about the stability of the solution?

    I would rate the stability of Splunk Enterprise Platform as a seven. While it requires managing configuration files and processing scale-out operations manually, limiting its auto-scaling capabilities, it still performs adequately.

    What do I think about the scalability of the solution?

    I rate the scalability of Splunk Enterprise Platform as an eight. Some products can automatically scale, but Splunk Enterprise requires manual configuration changes to achieve scale, which is slightly outdated compared to modern technologies.

    How are customer service and support?

    I rate Splunk Japan's customer service as an eight. Although I generally provide support myself and do not often rely on Splunk support, this rating reflects general consultant feedback.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    I previously used Elastic Search and Kibana, but switched to Splunk for ease of use and to define business entities such as branches, channels, and stock accounts.

    How was the initial setup?

    Standalone Installation was very easy. Designing and capacity planning for a distributed cluster environment was not easy.

    What about the implementation team?

    I am a Splunk consultant and implement customer solutions myself.

    What's my experience with pricing, setup cost, and licensing?

    I rate the pricing of Splunk as nine out of ten. The pricing model is based on ingesting data sizes, not user count, and includes a free tier for up to 500 MB of daily data, differentiating it from user-based pricing BI-tools.

    Which other solutions did I evaluate?

    I evaluated ArcSight and Manage Engine and made our selection.

    After using Splunk for several years, I conducted further evaluations, but our selection remained unchanged.

    Datadog was ideal for bug traceback during APM operations.

    Exabeam was ideal for use case-centric threat detection.

    What other advice do I have?

    Overall, I rate Splunk Enterprise Platform ten out of ten. I am dissatisfied with Splunk’s graphics view and deep learning capabilities; they could be better, especially on Splunk Cloud. While I was able to enhance the platform using technologies like JavaScript, most of my clients struggle. However, it will be sufficient for the next few years with its strong Machine Learning capability.

    Also, it would be preferable for Splunk SOAR to include sequential Splunk task execution and MCP/A2A support features.

    Which deployment model are you using for this solution?

    Hybrid Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Retail

    Great Platform for incident correlation and management

    Reviewed on Mar 27, 2025
    Review provided by G2
    What do you like best about the product?
    Great tool for enrichment, alert correlation, automations before an analyst looks at it
    What do you dislike about the product?
    Price, steep learning curve for full features
    What problems is the product solving and how is that benefiting you?
    Protecting the assets, users and crown jewels of the company