AWS-DFD-Visualizer app icon

AWS-DFD-Visualizer

interactive Data Flow Diagram (DFD) visualizer for Splunk. Renders AWS, Azure, and GCP Config topologies as Zero-Trust blueprint diagrams with nested VPC/Subnet enclosures, SSH/22 compliance violation paths, and commercial license enforcement. Designed for DoD IL5 / NIST 800-53 / Zero-Trust Architecture environments.

Built by Young Suh
splunk product badge
screenshot
screenshot
screenshot
screenshot

Default Version 2.8.3
July 9, 2026
Compatibility
Splunk Enterprise, Splunk Cloud
Platform Version: 10.5, 10.4, 10.3, 10.2, 10.1, 10.0, 9.4, 9.3, 9.2, 9.1, 9.0
Rating

4

(1)

Log in to rate this app
Support
AWS-DFD-Visualizer support icon
Developer Supported app
AWS DFD Visualizer (Splunkbase App Summary) Purpose & Background Auditing complex cloud infrastructure for compliance (e.g., DoD Impact Level 5 (IL5), NIST 800-53, or NIST 800-207 Zero-Trust Architectures) is extremely challenging. While AWS accounts generate high-volume telemetry from AWS Config, VPC Flow Logs, and GuardDuty, reviewing these complex configurations in standard tabular logs or flat Splunk tables makes it difficult for security teams, system auditors, and DevSecOps engineers to analyze isolation boundaries, spot structural gaps, or verify access routes. The Solution The AWS DFD (Data Flow Diagram) Visualizer solves this by transforming raw relationship logs and configuration items into interactive, visual security topologies styled after AWS Application Composer. It gives compliance officers and analysts an intuitive, visual framework to audit security posture in real-time. Key Features: Zero-Trust Layout Engine: Segregates assets deterministically into distinct swimlanesβ€”separating the Identity plane (users/roles), Policy & Control plane (global network assets like WAF/CloudFront), and Infrastructure plane (VPCs/Subnets). Nested Enclosures: Renders nested container boundaries representing VPCs and Subnets with real-time compliance validation markers. Security & Telemetry Overlays: Highlights Security Group associations as outer compliance rings around compute nodes (Green for compliant, Red for non-compliant). Automatically isolates and flashes incident-flagged resources in pulsing red alerts. Overrides critical Nessus/Tenable vulnerability states with a custom "skull" threat icon. Dynamically intercepts and highlights non-compliant connection paths (e.g., SSH/22 path violations) as dashed Vibrant Red links. Dashboard Studio & SimpleXML Ready: Integrates natively with Splunk Dashboard Studio, supporting dynamic click-capturing drilldown tokens, responsive light/dark themes, and performance-saving Level of Detail (LOD) controls. Export & Live Console Feed: Includes a native client-side SVG/PNG exporter, a standard draw.io XML generator, and an ad-hoc CSV console feed for drafting cloud topologies on the fly. πŸ› οΈ Configuration & Code Updates Done: To align your app bundle with this new description, I have updated the description strings in the following files: package.json splunk-app-manifest.json default/app.conf Additionally: Added /cypress/screenshots/ to .gitignore to keep the repository clean of test artifacts. Ran npm run build to compile the production bundle (webpack compiled successfully). Committed the changes and successfully pushed them to master.

Categories

Security, Fraud & Compliance, DevOps

Created By

Young Suh

Type

app

Downloads

50

Resources

Log in to report this app listing