Does anyone know whether it is possible to access multiple Splunk cloud customer environments from a "single pane of glass"?
In other words, let's say I work in an operations center and we have multiple business customers that we monitor (Company A, Company B, Company C for example). Company/Customer A has their own Splunk Cloud environment, as do B and C. In Splunk Cloud, are these Customers' environments rigidly separated, or would it be possible to feed all of these environments into a single search head(s) that our operations center could monitor from one place?
We want to know if we can avoid having to log into multiple Splunk Cloud environments separately as that would not scale well if we began monitoring large numbers of different companies.
My initial thought is yes - via the hybrid search head (an on prem search head within your environment set up to search across multiple splunk cloud instances). The other thought is to work with Splunk to allow forwarding of internal indexes from cloud instances through a VPN tunnel to a search head (or cluster) within your on-prem environment.
We've worked with several partners that do just the same thing - manage multiple (many) customer environments as a service to those customers. So I'm certain this use case has come up before.
I suggest working with your Splunk rep and local Splunk sales engineering team to come up with the best scenario that will work for your use cases.