Skip to main content
Splunk Lantern

Getting data into Cloud Platform

To best start onboarding and beginning to work with data in Splunk Cloud Platform, review the following general steps. 

  • First, decide on the objective you want to achieve using Splunk Cloud Platform. Then identify the data you need in Splunk Cloud Platform to help you complete that objective. 
  • After you know the data source, find an add-on in Splunkbase to help you get the data into Splunk Cloud Platform (e.g., Splunk Add-on for Microsoft Windows). 
  • Install the Splunk Cloud credentials package to allow the forwarder to communicate with Splunk Cloud Platform securely.
  • Use Splunk Lantern’s security and observability use case libraries to discover new applications for your data.
  • If you have any questions regarding data onboarding, check out the Getting Data In section in our community or contact your CSM or CSA.

Next, use the links to below to learn more about the key steps in each of these processes. 

Archiving your data

Indexes store the data sent to your Splunk Cloud Platform deployment. You can create, update, delete, and view index properties, modify data retention settings for individual indexes, delete data from indexes, and optimize search performance by managing the number of indexes and the data sources stored in specific indexes. Storage is based on your subscription type. You can also purchase additional data retention capacity.