Blue computing cloud

Top 3 Mistakes Migrating to Splunk Cloud and How to Avoid Them: Article 1 of 3

Is your organization weighing a Splunk migration? Are you looking to migrate from an on-prem or self-managed cloud platform to Splunk Cloud? You’ll gain a significant competitive advantage over nearly every enterprise in every industry segment if you do.  

First, you won’t have to purchase, manage and deploy additional infrastructure.  

Second, Splunk Cloud has robust security and compliance certifications. These include SOC 2 Type 2 and ISO 27001, as well as Splunk Cloud PCI and Splunk Cloud HIPAA availability.  

In addition, Splunk Cloud is also FedRAMP Authorized by the General Services Administration at the moderate impact level. Plus, it meets International Traffic in Arms (ITAR) requirements; and offers dedicated encryption both in transit and, optionally, encryption at rest.  

‘Gotchas’ Happen in Splunk Migrations  

To us, deciding to migrate to Splunk Cloud is a no-brainer. However, the journey down the road to migration can be bumpy. Members of our team have filled potholes and, in some cases, repaved entire sections to ensure a successful migration.

We’ve identified three mistakes our clients make during the planning, migration, and production phases. We’re sharing them so you can save time and money. 

1. Failure to Plan with the Right People

There’s a reason that #1 on this list is the failure to bring together everyone who should be included.

You’ll need input from internal subject matter experts (SMEs) who are not Splunk stakeholders. However, they are often left out of initial conversations. Then, at the last minute, you want to tap them for their knowledge. But they weren’t brought in during the early planning. So, they may not be available to work with you for days, weeks, or in one case we’ve seen – months 

These are usually the network and security SMEs. They’re responsible for firewall, port, and other configurations. And they often hold the keys that allow the data to flow out to Splunk Cloud.  

As migration efforts can quickly get complicated with larger Splunk customers and siloed remote sites, the SMEs help ensure things go smoothly.

Including them might seem obvious. But time and again,  we’ve seen these folks left out. In larger organizations, engaging in a deeper conversation is often required. You want the right dials turned and switches flipped when the time comes.  

Make sure you know what those firewalls and other access/network requirements are for your organization AND the Splunk Cloud folks. People who are required outside of your purview must be in the room. This way, they can raise their hands and ask questions. This includes folks from Splunk and a partner, such as SP6.  

Don’t assume you know who they are, or what they can and can’t do. 

Get everyone in on the plan and review it, to ensure you are ready!  

Bridging Organizational Gaps in a Splunk Migration 

There are many moving parts to a Splunk migration. Each person helping you has a primary job, and chances are, assisting with a Splunk migration isn’t high up on their to-do lists. This is especially true when they haven’t even been informed about what is happening!  

Here’s how to help smooth the transition and uninterrupted flow of data to and from Splunk Cloud: 

  • Break down the migration strategy. 
  • Plan for needed stakeholders. 
  • Make sure the pieces (and timing) are in place to accommodate the people you need.

There most certainly will be scheduling conflicts, organizational restrictions, and other factors you cannot control. But you can get ahead of the game by identifying primary and secondary internal SMEs. This will help you prevent bottlenecks in the migration work schedule.  

Splunk Migration: In Summary 

Now, you’re familiar with the first mistake we’ve seen organizations make before a Splunk Cloud migration. It’s not bringing in the right people from the start. Avoid this issue with proper planning and a firm understanding of what Splunk Cloud does and doesn’t do. 

Our next article in this series will examine the second top mistake our experts see. It’s not understanding which apps are important going forward. 

SP6 has participated in over 500 Splunk engagements. Our team members possess an average of 4+ years of Splunk experience and 17+ years of IT industry experience.  

If you’ve decided to migrate from an on-prem or self-managed cloud platform to Splunk Cloud, you want to team up with a reputable Splunk partner. Get in touch with us today to schedule a no-cost consultation.