Is your organization migrating from an on-prem or self-managed cloud platform to Splunk Cloud? If so, a Splunk migration will give you a big competitive advantage in the marketplace.
Besides eliminating the need to purchase, manage and deploy additional infrastructure, you’ll strengthen security and compliance.
Furthermore, Splunk Cloud is also FedRAMP Authorized by the General Services Administration at the moderate impact level. It also meets International Traffic in Arms (ITAR) requirements; and provides dedicated encryption both in transit and, optionally encryption at rest.
‘Gotchas’ Happen in Splunk Cloud Migrations
As we’ve learned over the years, the road to a Splunk Cloud migration can be a rough one. Members of our team have worked tirelessly with client companies to ensure their migrations proceeded smoothly.
Along the way, we’ve identified the top three mistakes our clients make during the planning, migration, and production phases. By taking this information to heart, you’ll avoid a great deal of frustration.
2. Not Understanding Which Apps Are Important Going Forward
As a Splunk customer, you will have lots of apps, some of which are likely homegrown. You probably have what we call the core Splunk apps and technology add-ons (TAs) that make all of our data onboarding and dashboarding lives easier.
In almost all cases, these apps and TAs are owned by various Splunk users within your organization. It might seem like a straightforward exercise to shovel it all into Splunk Cloud. However, it won’t be possible (or smart) to migrate everything and anything.
It’s a fact that Splunk Cloud has extraordinary Service Level Agreements (100% as of this writing). They take the viability of their infrastructure and the health of those systems very seriously. This is one of the reasons you are moving to Splunk Cloud, right?
Let’s face it, we have all been there. App sprawl is real and it’s at every level in most organizations.
Do you really need that app that was loaded three years ago by a user, looked at once, and then forgotten? Are all your custom apps Python 3 compliant? Are there knowledge objects that are ownerless or even worse, scattered into random app contexts?
More Splunk App Questions
So, how do we get what we need to Splunk Cloud and not interrupt the business? Look at the apps that are actually needed and being used, what apps are currently supported by Splunk Cloud. Consider:
- Do those that no longer have support or have been depreciated have a migration path, or perhaps an alternative?
- Can we lift saved searches and other search time knowledge objects to Splunk Cloud directly from some of these apps and not have to go through the vetting process?
- Are there any premium Splunk Apps we have to accommodate and perhaps engage Splunk Operations to install and/or configure?
If you engage an experienced partner such as SP6 to validate and plan an app migration effort, it can be a migration lifesaver. There are options for depreciated and non-compliant Python apps and TAs. We can not only help with the app and TA validation; we can also turn your Python frown upside down.
Now you know the second top mistake we’ve seen organizations make before a Splunk Cloud migration – not understanding which apps are important going forward. This is avoidable with proper planning and a clear picture of what Splunk Cloud does and doesn’t do.
If you missed the first article in the series, check it out.
Our final article will examine the third common mistake our Splunk team often sees – not realizing things will change for the better, and being prepared.
SP6 has participated in over 500 Splunk engagements. Our team members have an average of 4 ½ years of Splunk experience and 17 years of IT industry experience.
If your organization has decided to migrate from an on-prem or self-managed cloud platform to Splunk Cloud, it’s critical to work with a reputable Splunk partner. Get in touch with us today to schedule a no-cost consultation.