icon/x Created with Sketch.

Splunk Cookie Policy

We use our own and third-party cookies to provide you with a great online experience. We also use these cookies to improve our products and services, support our marketing campaigns, and advertise to you on our website and other websites. Some cookies may continue to collect information after you have left our website. Learn more (including how to update your settings) here.
Accept Cookie Policy

Accept License Agreements

This app is provided by a third party and your right to use the app is in accordance with the license provided by that third-party licensor. Splunk is not responsible for any third-party apps and does not provide any warranty or support. If you have any questions, complaints or claims with respect to this app, please contact the licensor directly.

Thank You

Downloading AWS Certificate Reporting
SHA256 checksum (aws-certificate-reporting_102.tgz) d190eca0d1106b1b68de3c61c77bd7215e8044cda17737b0e1ee437c4fc1e204 SHA256 checksum (aws-certificate-reporting_101.tgz) 41d516b5a4f2605e7fbd7fb39b972e7d3f41423b0f5cdfaff682c25645378838 SHA256 checksum (aws-certificate-reporting_100.tgz) 5a436e5eba445b14d80992c3416090a7d5aa02fec466fbe56097c734d9ffd01b
To install your download
For instructions specific to your download, click the Details tab after closing this window.

Flag As Inappropriate

AWS Certificate Reporting

Splunk Cloud
This app is NOT supported by Splunk. Please read about what that means for you here.
Easily manage your upcoming AWS IAM certificate expiry dates via a Splunk dashboard.

AWS IAM allows you to import certificates to be used in your cloud - for example on Application Load Balancers. This app imports the list of certificates in an AWS account and provides a dashboard that allows you to quickly view which certificates are expiring soon. The dashboard also allows filtering of the results.


This application utilises the aws cli - the user running the splunk process must have the ability to use the aws cli for the account that contains the certificate data to be indexed.

To check - as the user that runs the Splunk process, check that the following command returns results:

aws iam list-server-certificates

This command clearly requires the ability to hit the AWS API - so network access to this endpoint is required. If the command above can run, then the scripted input should work fine.

OS Support

Developed on Mac, tested on Linux. No Windows support provided.


The application will deploy and run on an "all-in-one" Splunk setup (e.g. a single standalone installation of Splunk Enterprise) without modification.

For distributed setups, the normal distribution of components should apply. The Splunk Packaging toolkit can be used to split out the various components into apps suitable for deployment on a forwarder, indexer and search head:


Manually you can achieve the same by:

  • ensuring the scripted input (inputs.conf) runs only on the Splunk component that is to collect the data from your AWS account: this can be a Universal Forwarder or Splunk Enterprise server
  • parsing rules exist in props.conf and these must be placed on the Splunk Enterprise server(s) that parse the data: the Indexers or Heavy Forwarders depending on your configuration
  • The dashboard runs on your Search Head

You can deploy the same app everywhere but simply disable the scripted input - leaving it enabled only on the server that will talk out to AWS to get the certificate information.

Release Notes

Version 1.0.2
Feb. 3, 2020

1.0.2 - idelta.co.uk - Edinburgh, UK
* aligned sourcetype name with aws add-on format
* moved all local files to default

Version 1.0.1
Feb. 3, 2020

1.0.1 - idelta.co.uk - Edinburgh, UK
* fixed typo on field name in dashboard

Version 1.0.0
Feb. 3, 2020

1.0.0 - idelta.co.uk - Edinburgh, UK
* initial release, functionally complete


Subscribe Share

Are you a developer?

As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps and add-ons from Splunk, our partners and our community. Find an app or add-on for most any data source and user need, or simply create your own with help from our developer portal.

Follow Us:
Splunk, Splunk>,Turn Data Into Doing, Data-to-Everything, and D2E are trademarks or registered trademarks of Splunk Inc. in the United States and other countries. All other brand names,product names,or trademarks belong to their respective owners.