Splunk Cloud 1.0• Splunk Cloud is Splunk Enterprise in the Cloud – All the data analytics power...
Transcript of Splunk Cloud 1.0• Splunk Cloud is Splunk Enterprise in the Cloud – All the data analytics power...
-
© 2 0 2 0 S P L U N K I N C .
© 2 0 2 0 S P L U N K I N C .
Splunk Cloud 1.0.1Tips, tricks and best practices to help you embark on your cloud journey
Georgios GlymidakisSenior Professional Services Consultant | Splunk
Rory BlakePrincipal Architect - IT Markets - Global Services | Splunk
-
During the course of this presentation, we may make forward‐looking statements regarding future events or plans of the company. We caution you that such statements reflect our current expectations and estimates based on factors currently known to us and that actual events or results may differ materially. The forward-looking statements made in the this presentation are being made as of the time and date of its live presentation. If reviewed after its live presentation, it may not contain current or accurate information. We do not assume any obligation to update any forward‐looking statements made herein.
In addition, any information about our roadmap outlines our general product direction and is subject to change at any time without notice. It is for informational purposes only, and shall not be incorporated into any contract or other commitment. Splunk undertakes no obligation either to develop the features or functionalities described or to include any such feature or functionality in a future release.
Splunk, Splunk>, Data-to-Everything, D2E and Turn Data Into Doing are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names or trademarks belong to their respective owners. © 2020 Splunk Inc. All rights reserved
Forward-LookingStatements
-
© 2 0 2 0 S P L U N K I N C .
Georgios Glymidakis | Splunk
Who We Are
Rory Blake | Splunk
-
© 2 0 2 0 S P L U N K I N C .
Georgios GlymidakisSenior Professional Services Consultant
4 Years Professional Services
-
© 2 0 2 0 S P L U N K I N C .
Rory Blake
• Based In UK• Delivering Splunk Professional Services Since 2011• Trained Several Hundred Consultants and Partners• Delivered Splunk Projects in 16 Countries• Background in Software Development & Financial services
Principal Architect – Global Services - Observability & IT Ops
-
© 2 0 2 0 S P L U N K I N C .
Agenda 1) Welcome To Splunk Cloud –Let’s see what you get2) Getting Data In – How to design your data
forwarding layer
3) Splunk Apps – Make the most out of your data
4) Splunk Training – Upskill to maximise your investment
5) Support and Professional Services – Always here to help
6) Additional Resources
-
© 2 0 2 0 S P L U N K I N C .
Welcome to Splunk Cloud
-
© 2 0 2 0 S P L U N K I N C .
Welcome To SplunkCloud
• Splunk Cloud is Splunk Enterprise in the Cloud– All the data analytics power minus the infrastructure overheads and costs
• Service Level Commitment – 100% availability• Data Segregation for Splunk Cloud• Data Encryption At-Rest• Industry certified• Data forwarding layer critical – needs to be optimal
-
© 2 0 2 0 S P L U N K I N C .
Welcome to SplunkCloudWho Does What?
Managing a Splunk deployment involves 12 on-going admin tasks, 8 of whichare conducted by
Splunk for a Cloud based deployment
~80% reduction in management tasks
Responsibility SplunkCloud
Admin Tasks:One-time Setup
Purchase/rent HW SplunkRack and stack, cable, network all HW SplunkInstall Splunk SplunkInstall OS SplunkConfigure Splunk (create users, load apps, configure) SplunkConfigure indexes SplunkSetup HA/clustering SplunkSetup disaster and recovery SplunkConfigure forwarders JointOnboard data JointIntegrate with LDAP/AD Joint
Admin Tasks:Ongoing
Scale up HW SplunkInstall Splunk patches / upgrades SplunkInstall OS patches / upgrades SplunkMonitor deployment / health checks SplunkManage forwarders CustomerCreate users / roles CustomerManage indexes CustomerOnboard additional data CustomerLoad search head only apps Both*Load distributed apps Both*Load premium apps SplunkExport data Splunk
User Tasks Search, alerts, reports, dashboards Customer
-
© 2 0 2 0 S P L U N K I N C .
Getting Data In
-
© 2 0 2 0 S P L U N K I N C .
Getting Data InUniversal, Heavy and Intermediate Forwarders
Desktops
Laptops
Servers
Universal Forwarder
Splunk CloudHeavy
ForwarderDatabases
Scripted Inputs/APIs
UF HF
IntermediateForwarder
SSL SSL
SSL
Splunk Deployment
Server
-
© 2 0 2 0 S P L U N K I N C .
Getting Data InForwarding Configuration Just For You
-
© 2 0 2 0 S P L U N K I N C .
Getting Data InSyslog Servers Or SC4S
Splunk Cloud IndexersNetwork Devices
SyslogServers
Universal Forwarder
OR
HTTP Load Balancer
Splunk Connect For Syslog
-
© 2 0 2 0 S P L U N K I N C .
Getting Data InInputs Data Manager (IDM)
Cloud Services
Splunk Cloud IndexersInputs Data Manager
-
© 2 0 2 0 S P L U N K I N C .
Getting Data InHTTP Event Collector (HEC)
AWS Lambda
Splunk HEC Splunk Cloud Indexers
-
© 2 0 2 0 S P L U N K I N C .
Splunk Apps
-
© 2 0 2 0 S P L U N K I N C .
App Installation
Direct App Install Splunkbaseor
Custom Apps
Premium Apps&
Non-Direct Install
App Browser Private App Upload Support Ticket
Get In!
-
© 2 0 2 0 S P L U N K I N C .
Cloud VettingAppInspect
AppInspect Passed Incompatible
-
© 2 0 2 0 S P L U N K I N C .
Training
Required RecommendedSplunk Fundamentals 1 (Free) Splunk Fundamentals 3
Splunk Fundamentals 2 Advanced Search & Reporting
Creating Dashboards
Splunk Cloud Administration CourseAdministrator training for Splunk Cloud Management:
• Users• Data Inputs• Forwarder Configuration• Data Management
• User Accounts• Basic Monitoring• Problem Isolation
Become A Splunk Ninja
-
© 2 0 2 0 S P L U N K I N C .
SupportSOS
• Accessibility Issues• Usability Issues• General Questions
-
© 2 0 2 0 S P L U N K I N C .
Success PlansSupport & Services. What you need. When you need it
-
© 2 0 2 0 S P L U N K I N C .
Professional Services OfferingsServices. What you need. When you need it
-
© 2 0 2 0 S P L U N K I N C .
Additional ResourcesI Want Moarrr!
Resource Link
Cloud Migration Assessment App for Splunk https://splunkbase.splunk.com/app/4974/
App Inspect Tutorial https://dev.splunk.com/enterprise/tutorials/quickstart/yourfirstappinspect/
Splunk Essentials for Cloud and Enterprise 8.0 https://splunkbase.splunk.com/app/4748/
Splunk Cloud Documentation https://docs.splunk.com/Documentation/SplunkCloud
Splunk Answers https://community.splunk.com/t5/Splunk-Cloud/bd-p/core-splunk-cloud
Splunk Lantern Knowledgebase https://lantern.splunk.com/hc/en-us
https://splunkbase.splunk.com/app/4974/https://dev.splunk.com/enterprise/tutorials/quickstart/yourfirstappinspect/https://splunkbase.splunk.com/app/4748/https://docs.splunk.com/Documentation/SplunkCloudhttps://community.splunk.com/t5/Splunk-Cloud/bd-p/core-splunk-cloudhttps://lantern.splunk.com/hc/en-us
-
© 2 0 2 0 S P L U N K I N C .
1. Splunk Cloud – The power of Splunk minus the management and infrastructure
2. Data forwarding layer is critical for success
3. Design and manage your on-premise components
4. Utilise Splunkbase Apps – Learn about App Vetting
5. Get trained to maximise value
6. Splunk Docs, Community and Lantern are great sources of information
7. Splunk Support and PS is always close to help
Summary
-
SESSION SURVEYPlease provide feedback via the
© 2 0 2 0 S P L U N K I N C .
Splunk Cloud 1.0.1Slide Number 2Slide Number 3Slide Number 4Slide Number 5Slide Number 6Slide Number 7Welcome To SplunkCloudWelcome to SplunkCloudSlide Number 10Getting Data InGetting Data InGetting Data InGetting Data InGetting Data InSlide Number 16App InstallationCloud VettingSlide Number 19SupportSuccess PlansProfessional Services OfferingsAdditional ResourcesSlide Number 24Slide Number 25