Part 3: Use the Terraform for Splunk provider to configure Splunk.Part 2: Set up Terraform Cloud for Splunk app and build searches.Part 1: Deploy Splunk instance in AWS with Terraform.This is going to be a multi-part series:.As Splunk is the main logging platform and given that there is Terraform Cloud for Splunk app, we’re going to focus on Splunk.What I am particularly focusing on are the Auditing logs, especially for Policy-As-Code: as my customers look at building secure self-service platforms using Policy-As-Code and Sentinel, they need the ability to build searches that help them understand who submitted the changes, which runs failed the policy checks, who decided to override the runs that failed a soft policy, etc….Alternatively, you might use Terraform Cloud or Terraform Enterprise and log everything you do out, to S3, CloudWatch, Splunk, etc….Sure, many of them integrate Terraform in a CI/CD pipeline and work around this by adding webhooks in your pipeline and forward logs to collectors… It didn’t matter that much to me when I was running Terraform locally for my labs but it does matter for large enterprise customers. Terraform Open Source, as good as it is, doesn’t include any built-in logging capabilities.I sometimes skip over the why when I blog in my rush to document my experiments so I will try to lay out exactly the problems we’re trying to solve: ![]() I am going to expand a bit further on Kyle’s post as I spent a couple of weeks having a bit of fun with Splunk. Kyle wrote a great article that covers how to set it up and the docs are also pretty clear. The vast majority of my customers would use Splunk as a log engine (Gartner-ly known as SIEM ( Security Information and Event Management)) for a variety of use cases and HashiCorp partnered with Splunk to integrate it directly with Terraform Cloud. As I work with global financial customers in my day job at HashiCorp, auditing and logging are topics that come up regularly.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |