Our Use Case PDFs and blog images are only available in German. If you are interested in further information, we are happy to assist you personally. Please don’t hesitate to contact us directly.

Download the PDF here: Cloud Migration | From On-Prem to SaaS Platform with Splunk Cloud

1. The Initial Situation

Our client is a German manufacturer in the automotive sector that also offers mobility and financial services.

The existing on-premise Splunk infrastructure processes several terabytes of data daily and requires a high level of administrative effort for operation, maintenance, and updates.

Adjustments to hardware or storage space often involve a large amount of resources, as the infrastructure offers little flexibility for new requirements.

Therefore, the customer decided to shut down the on-prem data center and switch to the Splunk Cloud (SaaS). This step enables significantly simplified administration, automatic updates, and a scalable and future-proof solution for data analysis.

2. Requirements analysis

As part of the company-wide cloud-first strategy, the existing infrastructure is to be replaced by a high-performance SaaS solution.

The following technical requirements arise:

Cloud-native architecture (cloud-first principle): The new solution must be completely cloud-based and provided as Software-as-a-Service (SaaS). The use of on-premise resources is not intended.

Scalability and flexibility: The SaaS platform must enable flexible scaling of the infrastructure in order to react dynamically to changing requirements such as increased data volume, new data sources or changing peak loads.

API integration: An open and documented API is essential in order to be able to continue using the existing CI/CD pipeline seamlessly. Automation of configuration changes, data source connection and user management should be possible via interfaces.

Future-proof: The solution must be modularly expandable with a view to long-term developments and be able to integrate new functionalities without comprehensive re-implementation.

3. The solution

Migrating from an on-premise environment to the Splunk Cloud offers a future-proof and scalable solution for modern data analysis.

Our proven migration strategy includes a structured analysis of the existing Splunk On-Prem infrastructure, the planning of the target architecture in the cloud, and the smooth transfer of workloads and configurations.

Existing historical data can – if desired – remain in the on-prem environment, while new data streams flow directly into the Splunk Cloud.

The Solution from NetDescribe

By using Splunk Cloud, our customer benefits from automated updates, higher availability and reduced administrative complexity.

The solution makes it possible to access business-critical insights faster and at the same time optimize operating costs.

4. The Implementation

A migration of existing data is not necessary, as the retention periods of the previous on-premise environment are sufficient. Future data streams will be transferred directly to the Splunk Cloud.

As part of the Assigned Expert Subscription, we act as a subcontractor of Splunk and ensure that our customers get the maximum added value from the Splunk platform – both in the on-premise and in the cloud version.

The Assigned Expert Service from Splunk helps companies maximize their ROI. This is achieved through faster time-to-value, the proactive implementation of relevant use cases and targeted competence development. With the help of the Value Realization Path, all activities are specifically tailored to the individual business goals, the existing environment and the customer’s level of expertise.

The service is divided into the phases Assess, Plan and Realize – and provides comprehensive support to customers in the planning, implementation and optimization of their Splunk solutions.

Splunk Cloud*

Turn data into answers – with Splunk as a Service!

Splunk Cloud is a flexible platform to search, analyze, and visualize the data in your cloud environment.

With it you can:

  • Capture and collect terabyte-sized data to use in Splunk and other destinations
  • Search all types of data in your ecosystem
  • Predict and avoid security and performance problems using machine learning
  • Effortlessly convey complex data stories with dashboards
  • Collaborate from anywhere via mobile devices and augmented reality

*Source: Splunk

5. Business Benefits

With the help of the Splunk Assigned Expert, the Splunk investment is secured.

This is achieved through:

  • Faster value creation (time-to-value)
  • Proactive use case implementation
  • Development of skills
  • Support in the planning, coordination, implementation and optimization of Splunk Security and Observability applications
  • Adaptation of detections to the respective environment
  • Alignment of Enterprise Security (ES) functions with corporate goals
  • Provision of a security expert who is familiar with the customer’s data, organizational structure and requirements
  • Understanding of the customer’s security status

As an Assigned Expert, we help with problems such as troubleshooting and configuration, as well as with strategic topics such as best-practice adjustments/integration and design.


The Splunk Portfolio

Splunk platform. Splunk Enterprise collects and indexes in real time all machine data generated in physical, virtual, or cloud environments. This can include data from applications, servers, networks, sensors, or telecommunications equipment. The solution correlates complex events, enables meaningful insights into machine data and simplifies analyses.

Splunk for security. Splunk Enterprise Security improves all security processes and, as an analysis-driven SIEM (Security Information and Event Management) solution, gives you the holistic view to securely use generated machine data (e.g. information about networks, endpoints, accesses, vulnerabilities and identity data) and to reduce security breaches.

Splunk for IT and Business Services. Splunk IT Service Intelligence (ITSI) visualizes status data and key performance indicators (KPIs) of critical IT and business services as a monitoring and analysis solution. Splunk ITSI uses machine-driven (artificial) intelligence, identifies existing and potential problems, prioritizes the rapid recovery of business-critical services, and provides analytically driven IT operations.


The Splunk Functions at a Glance

Collection and indexing of machine data: Real-time event capture, universal indexing, adapter elimination, use of metric data, timestamps for events

Search and verification: Real-time search, transaction search, interactive results

Correlation and analysis: Machine learning-based AI, correlation of complex events, event annotations, pattern recognition

Visualization and reporting: Dashboard creation, report automation

Monitoring and alerting: Monitoring of events and KPIs, proactive notifications

Security and administration: Encrypted access to data streams, secure user access

