Hands-on learning lab: Stream Google Cloud data into Splunk Cloud

April 11, 2022
Brian Farnham

Customer Engineer, Infrastructure Modernization

Splunk and Google Cloud customers, this one’s for you: The first Hands-on-Lab of Splunk on Google Cloud is now live and ready for enrollees. 

If you haven’t tried it yet, Google Cloud Skills Boost provides hands-on educational experiences so you can learn what you need to know about operating in the cloud. Labs from Google Cloud Skills Boost give users more than just a sandbox environment — they offer live Google Cloud projects for truly interactive learning. Users get to pick experiences ranging from short, 30-minute labs all the way up to multi-day quests to help them tailor learning to their specific needs. 

Splunk offerings on Google Cloud Platform (GCP) provide rich capabilities that cover a broad set of security scenarios, including end-to-end visibility across cloud, on-premises, and hybrid environments. Using Splunk on GCP, you can gain real-time visibility across Google Cloud events, logs, performance metrics, and billing data. Splunk also enables fast security investigations, alerting, and deeper forensic analysis to accelerate incident resolution. You can better build your security infrastructure using Splunk Phantom Apps for Google Vault, Google Workspace, Google Workspace for Gmail, and Safe Browsing. 

Now, the “Getting Started with Splunk Cloud Getting Data In (GDI) on Google Cloud” hands-on-lab is available to take you through core scenarios for data ingestion and data input in Google Cloud, enabling you to get practical, hands-on experience for all scenarios in just 90 minutes or less.

With this hands-on-lab, you’ll learn how to get streaming data from your Google Cloud environment into Splunk Cloud so your organization can leverage Splunk’s Data-to-Everything platform. The lab guides users through the installation of key Splunk components that enable you to stream data into Splunk Cloud platform:

The lab also guides you through managing the following Google Cloud resources:

As you begin the lab, you’ll launch a Dataflow job using the Splunk-specific template, configure the data inputs in the Technical Add-on for Google Cloud Platform, perform sample Splunk searches across ingested data, and monitor and troubleshoot Dataflow pipelines. This enables Splunk admins to collect, analyze, and extract insights from all of their Google Cloud data in an easy-to-use and powerful way.

Below is an architecture diagram showing the principal components and the API relationships used in the lab. In addition to Dataflow-based ingestion for Splunk, you’ll practice with Pub/Sub and the K8s connector, as well as pulling data using the Splunk Add-on for GCP.

https://storage.googleapis.com/gweb-cloudblog-publish/images/Splunk_Cloud.max-1500x1500.jpg

This hands-on-lab provides a full-stack practice experience with Splunk on Google Cloud as part of data ingestion and processing. If you’re interested in getting started, please follow the guide here:

Getting Started with Splunk Cloud GDI on Google Cloud  

Looking Ahead with GCP and Splunk 

Stay tuned for the next Google Cloud and Splunk hands-on lab announcement, and in the meantime, check out our official Getting Data In (GDI) guide to learn about the integration after completing the lab. To take a step further and learn more about automating the process, take a look at our export Terraform module with Splunk.
