One of the largest food retailers in the US was seeking a resource to help analyze and resolve false-positive host-down alerts that they were getting from Splunk for on-premises Windows and Linux hosts. They were shifting from an old strategy in which a single enterprise AWS account owned all functions and applications to a more holistic approach where each application team had its own account and owned and supported the functions within it. They had about 60 applications that would need to be moved. To accomplish this, they needed someone proficient in Splunk setup on AWS, with knowledge of Splunk components and working mechanisms and the ability to assess Splunk issues and suggest solutions quickly. This person would be responsible for designing, architecting, configuring, and standing up a Splunk instance from scratch.
We provided three Splunk Engineers to migrate all application monitoring from Datadog to IES Splunk. The team was responsible for activities including:
Answering data onboarding and process questions
Reviewing use cases for each application monitor and dashboard in Datadog with the internal team
Educating the internal application team on lookup table usage and providing parameters for scripts
Developing new Splunk queries
Creating concise change requests
Our team was able to design and migrate the new Splunk instance within six months. The new environment accounted for future growth, and the Oxford consultants documented best practices for the client so they would be prepared.