Skip to content Skip to site navigation

Splunk Cloud Platform Migration is Complete

Monday, May 13, 2024

This month, University IT (UIT) successfully completed the migration of Splunk, the university’s primary centralized logging system, to the cloud instance. 

How do I get started on Splunk Cloud?

If you already use Splunk, the Splunk Cloud login and access controls are the same as they were for the on-prem instance — with the exception of a new URL.

To get started on Splunk Cloud: 

What else do I need to know?

Effective immediately: 

  • Access to the on-prem Splunk instance (susplunk.stanford.edu) will remain for current users until further notice.
  • ​On-prem instance (susplunk.stanford.edu) logs will be available in a read-only mode for 18 months and no new logs will be on-boarded to the on-prem instance.
  • The client certificate for Splunk Universal Forwarders used by hosts to send in logs is now managed centrally and you no longer have to renew them individually.
  • All user-created Knowledge Objects, e.g., reports, alerts, and dashboards, have been migrated from the on-prem instance to Splunk Cloud.  

How do I get help?

Visit the Splunk service page (https://uit.stanford.edu/service/splunk) to view the FAQs and get more information about the Splunk Cloud instance.  

If you experience any issues accessing or using Splunk Cloud, please submit a Help ticket to the Enterprise Cloud Operations team in UIT. 

Share Feedback

DISCLAIMER: UIT News is accurate on the publication date. We do not update information in past news items. We do make every effort to keep our service information pages up-to-date. Please search our service pages at uit.stanford.edu/search.