Learn how our Splunk experts migrated 60 applications to improve our client’s cybersecurity.
INDUSTRY
Retail
SERVICES
Query Development
Migration
Cybersecurity
SKILLS
AWS
Splunk
SIEM Security
The Challenge
One of the largest food retailers in the US was seeking a resource to help analyze and resolve false-positive host-down alerts that they were getting from Splunk for on-premises Windows and Linux hosts. They were shifting from an old strategy, in which a single enterprise AWS account owned all functions and applications, to a more holistic approach in which each application team had its own account and owned and supported the functions within it. About 60 applications would need to be moved. To accomplish this, they needed someone proficient in Splunk setup on AWS, with knowledge of Splunk components and working mechanisms and the ability to assess Splunk issues and suggest solutions quickly. This person would be responsible for designing, architecting, configuring, and standing up a Splunk instance from scratch.
The Solution
We provided three Splunk Engineers to migrate all application monitoring from Datadog to IES Splunk. The team was responsible for activities including:
- Answering data onboarding and process questions
- Reviewing use cases for each application monitor and dashboard in Datadog with the internal team
- Educating the internal application team on lookup table usage and providing parameters for scripts
- Developing new Splunk queries
- Redeveloping dashboards
- Creating concise change requests
The Result
Our team was able to design and migrate the new Splunk instance within six months. The new environment accounted for future growth, and the Oxford consultants documented best practices for the client so they would be prepared.