PLATFORM

Splunk Cloud 7.2 Upgrades Are Happening | Splunk

We are thrilled to announce the General Availability of Splunk Cloud 7.2! We have started onboarding new Splunk Cloud customers to this new release earlier this year.

Splunk Cloud 7.2 highlights include the following:

  • Logs to Metrics: Convert your log data to metric data points at the time of ingest.

  • Guided Data Onboarding (GDO): GDO provides end-to-end guidance for getting specific data sources into Splunk Cloud.

  • Dashboard Dark Mode: A dark dashboard display option that is optimized for the NOC/SOC/overhead viewing experience...and it legitimately looks cool.

  • Splunk Cloud standardizes on an architecture that incorporates SmartStore.

  • Dynamic Data Active Archive (DDAA): This Splunk Cloud subscription creates a lower price/performance option for long-term data retention that you’d like to remain searchable.

In Splunk Cloud, we see customer data as having a dynamic lifecycle that goes through different phases: Searchable, Archive and Self-Storage.

Every Splunk Cloud subscription includes Searchable storage and stored data is searchable at speed and is immediately available for the analytics workloads. Archive is an optional Splunk Cloud subscription that enables customers to retain data for longer timeframes driven by their compliance requirements. Self-Storage will benefit customers who want to keep older data under their control.

One common question I get asked is the difference between Archive and Self-Storage, so I put together this simple comparison table to help you compare these two options:

 


Note that since Archive and Self-Storage are enabled on per index basis, you can selectively choose which is best to use to meet your data retention requirements. As a purely hypothetical example, you may select the odd numbered indexes to send aged data to Archive while choosing the even numbered indexes to export aged data to Self-Storage.

Finally, I wanted to include some other final considerations as you prepare for Splunk Cloud 7.2 upgrades - allow me to be technical for a moment:

  • Splunk Cloud standardizes our authentication and access models to either local login or SAML-based authentication. This means that if you are using multi-factor authentication, the solution you choose must integrate with a SAML-based authentication solution. There are numerous SAML-based authentication solutions that Splunk Cloud supports.

  • Splunkbase is the system of record for app compatibility with Splunk Cloud 7.2. We know of a handful of Splunk Supported Apps are currently not compatible or vetted for Splunk Cloud 7.2, but we are working hard to close the gaps as soon as possible. For Community Supported Apps, you’ll need to ensure compatibility with Splunk Cloud 7.2 prior to being upgraded to this release.

  • Ensure that your universal and heavy forwarders are upgraded to ensure compatibility and supportability.


Archive

Self-Storage

Data Custodian

Splunk

Customer

Automated Aged Data Movement

Yes

Yes

User experience

Unified in Splunk Web

Distributed across Splunk Web and AWS Console

Storage Cost

Included in subscription

Customer pays AWS

Monitoring that aged data successfully moved

Splunk Cloud

Customer self-monitors

Restore data to Splunk Cloud

Yes

No

(restore to BYOL or on-prem Splunk Enterprise)

Restore experience

Unified in Splunk Web  

Manual steps in CLI

When restored data is searchable

Within 24 hours

Variable depending on customer skill set and infrastructure readiness

More information

Archive Blog

Self-Storage Blog

----------------------------------------------------
Thanks!
Azmir Mohamed

Azmir Mohamed
Posted by

Azmir Mohamed

Azmir is a Principal Product Manager on the Splunk Cloud team. He joined Splunk after spending seven years at IaaS startups in various product management leadership roles. The last of these startups was Blue Box, which was by acquired IBM and where he ran the Bluemix Private Cloud offering. Prior to his startup stints, Azmir held senior product and strategy leadership roles at VMware and Cisco. While the SF Bay Area has been home for more than 2 decades, he was born and raised in Malaysia. And yes, he loves durian.

TAGS
Show All Tags
Show Less Tags