I am using Splunk App for AWS couple of Questions :
In the guide https://docs.splunk.com/Documentation/AddOns/released/AWS/CloudWatchLogs it says Splunk strongly recommends against using the CloudWatch Logs inputs to collect VPC Flow Logs data (source type: aws:cloudwatchlogs:vpcflow) since the input type will be deprecated in upcoming releases. **Does this relate to RDS as well or is RDS Safe?**
Log group A comma-separated list of log group names. **Is there a size limit to this filed**.
Also **is there an API call that updates this value when a new instance is created**.
Splunk takes a configuration as $SPLUNK_HOME/etc/apps/Splunk_TA_aws/local/aws_cloudwatch_logs_tasks.conf c**an this file be updated automatically** via a process that would read the list of instances and write it here.
↧