Splunk Cloud Platform

Splunk Cloud migration question

sreeranjan
New Member

We are currently using Splunk Enterprise on-premises, and the client has expressed plans to migrate to Splunk Cloud. In addition, they have clearly stated the need to work, specifically focusing on Synthetic Monitoring and Real User Monitoring (RUM).

While it appears they intend to adopt Splunk Cloud as the primary observability platform, I would like to confirm whether their strategy involves solely utilizing Splunk Cloud or if they intend to integrate with AWS or Azure cloud platforms as part of the observability or hosting architecture.

Could you please provide guidance or clarity on whether the migration includes leveraging Splunk Cloud hosted on a public cloud provider (e.g., AWS or Azure), or if there is a broader hybrid/cloud-native observability strategy in play?

Labels (1)
0 Karma

richgalloway
SplunkTrust
SplunkTrust

I think perhaps there's some mix-up in terminology that is making it harder to communicate the goal.

Splunk Enterprise is Splunk's core data platform product for on-premises installation.  It can be used to collect observability (o11y) data.

Splunk Cloud (AKA Splunk Cloud Platform) essentially is Splunk Enterprise on a public cloud provider (AWS, GCP, or Azure).

Splunk Observability Cloud is Splunk's o11y product offering and is distinct from both Splunk Enterprise and Splunk Cloud.  This product is available only in a cloud offering.

Splunk Real User Monitoring (RUM) and Splunk Synthetic Monitoring are other separate Splunk products.

That said, can you please re-state the goal?

---
If this reply helps you, Karma would be appreciated.

sreeranjan
New Member

We are currently working with the Splunk Enterprise product. The client has informed us that we will be transitioning to Splunk Cloud.

From what I understand, Splunk Cloud refers to the Splunk Cloud Platform, where the entire infrastructure is hosted and managed by Splunk on AWS. Even though it runs on AWS, it's still referred to as Splunk Cloud—not AWS Cloud—since the architecture and services are maintained by Splunk. Is that correct?


0 Karma

isoutamo
SplunkTrust
SplunkTrust

@sreeranjan wrote:

We are currently working with the Splunk Enterprise product. The client has informed us that we will be transitioning to Splunk Cloud.

From what I understand, Splunk Cloud refers to the Splunk Cloud Platform, where the entire infrastructure is hosted and managed by Splunk on AWS. Even though it runs on AWS, it's still referred to as Splunk Cloud—not AWS Cloud—since the architecture and services are maintained by Splunk. Is that correct?



It’s exactly this way. Usually when we are talking about splunk cloud it means just splunk core platform in cloud. That cloud can be in aws, azure or gcp. Then there are classic and Victoria experiences over it. This user point of view this means which kind of options it have e.g. for deployment apps etc. you can see those from splunk cloud description from docs.splun.com.

With SCP your could expand your environment with edge or ingest processor which helps you with data ingestion configurations.

0 Karma

PickleRick
SplunkTrust
SplunkTrust

As far as I remember (but I'm no Cloud expert so you can double-check it) when subscribing to Splunk Cloud you have a choice between AWS and GCP hosting.

And, to add to this confusion 😉 if you don't want Splunk to manage whole infrastructure for you (it has its pros and its cons) you can also just deploy your own "on-premise" Splunk Enterprise environment on your own cloud of choice VM instances. But this has nothing to do with Splunk Cloud. It would still be Splunk Enterprise.

0 Karma

isoutamo
SplunkTrust
SplunkTrust

You must select between AWS, Azure or GCP. Personally I select always AWS with Victoria experience.

With SCP you don’t need to manage base infra like indexers, search heads etc. in OS and HW level. But you must manage some configurations like users, roles, apps, indexes etc.

Usually there is some nodes in your onprem like DS, some HF like modular inputs, IHF/IUFs/HEC if you need to do some modifications for inputs.

Most apps and inputs could be installed directly into SCP and used there, but some is better to put into onprem.

As you could see there are still some administrative tasks left to you even the core is in SCP. At least I have seen that this combination is working quite well and is much easier for admins than running everything by yourself. It has better cost efficiency than running everything by yourselves.

0 Karma

PickleRick
SplunkTrust
SplunkTrust

On the other hand - you have no control over some of the settings (for some you can engage Support to set them for you). You have limited control over size of your environment. Your options are limited in terms of handling frozen data. You can't integrate authentication with your on-prem LDAP...

So there are pros and cons, as I said 😉

0 Karma

isoutamo
SplunkTrust
SplunkTrust

You are absolutely correct with these words!

There are pros and cons with SCP as there are also in Enterprise. And definitely there is a new way how you must to do things. Some of changes are really annoying and decrease your working performance and some of those are "Why I haven't those in onprem too" 😉

And as in any situation with Splunk, you must say It depends on which one is best for you and you must go through your use case to make correct decision.

isoutamo
SplunkTrust
SplunkTrust

As @richgalloway already said there are many different products not only one which you are talking about. I suppose that your best option is to contact your local Splunk sales engineer or splunk partner and they could go through that offering to you. Then it's much easier to select correct options to your client.

0 Karma
Get Updates on the Splunk Community!

Splunk Observability Cloud’s AI Assistant in Action Series: Analyzing and ...

This is the second post in our Splunk Observability Cloud’s AI Assistant in Action series, in which we look at ...

Elevate Your Organization with Splunk’s Next Platform Evolution

 Thursday, July 10, 2025  |  11AM PDT / 2PM EDT Whether you're managing complex deployments or looking to ...

Splunk Answers Content Calendar, June Edition

Get ready for this week’s post dedicated to Splunk Dashboards! We're celebrating the power of community by ...